URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Submission: On July 27 via api from US — Scanned from NL

Summary

This website contacted 28 IPs in 7 countries across 23 domains to perform 49 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is corebook.com.ng.
TLS certificate: Issued by WE1 on July 3rd 2024. Valid for: 3 months.
This is the only time corebook.com.ng was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 188.114.97.3 13335 (CLOUDFLAR...)
4 172.67.165.78 13335 (CLOUDFLAR...)
1 13.224.189.93 16509 (AMAZON-02)
3 99.86.4.91 16509 (AMAZON-02)
2 2620:1ec:bdf::42 8075 (MICROSOFT...)
1 2600:9000:235... 16509 (AMAZON-02)
1 2a02:4780:dea... 204915 (AWEX)
1 104.18.10.207 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 206.221.176.133 23470 (RELIABLESITE)
1 149.56.240.129 16276 (OVH)
2 4 142.132.202.70 24940 (HETZNER-AS)
1 2a05:d018:ce9... 16509 (AMAZON-02)
2 34.235.209.192 14618 (AMAZON-AES)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 172.67.203.105 13335 (CLOUDFLAR...)
1 188.114.96.3 13335 (CLOUDFLAR...)
2 172.67.136.238 13335 (CLOUDFLAR...)
4 2001:4860:480... 15169 (GOOGLE)
2 142.250.185.136 15169 (GOOGLE)
1 149.56.240.27 16276 (OVH)
2 142.250.185.174 15169 (GOOGLE)
1 2 184.30.210.6 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 34.193.235.220 14618 (AMAZON-AES)
1 216.239.32.36 15169 (GOOGLE)
49 28
Apex Domain
Subdomains
Transfer
9 sonetel.com
widget.sonetel.com
api.sonetel.com
beta-api.sonetel.com
452 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
region1.google-analytics.com — Cisco Umbrella Rank: 3123
21 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
468 KB
4 anytrack.io
assets.anytrack.io — Cisco Umbrella Rank: 87052
t1.anytrack.io — Cisco Umbrella Rank: 109320
59 KB
4 jdi5.com
fastcdn.jdi5.com — Cisco Umbrella Rank: 724075
counter.jdi5.com — Cisco Umbrella Rank: 623825
imgcdn1.jdi5.com
4 KB
3 histats.com
sstatic1.histats.com — Cisco Umbrella Rank: 28380
s10.histats.com — Cisco Umbrella Rank: 6836
s4.histats.com — Cisco Umbrella Rank: 6819
5 KB
2 aliexpress.com
s.click.aliexpress.com — Cisco Umbrella Rank: 21293
best.aliexpress.com — Cisco Umbrella Rank: 50485
2 KB
2 korfo.org
korfo.org — Cisco Umbrella Rank: 127346
485 B
2 a11ybar.com
a11ybar.com — Cisco Umbrella Rank: 120047
1 KB
2 bitlabs.ai
sdk.bitlabs.ai — Cisco Umbrella Rank: 378092
523 KB
1 google.nl
www.google.nl — Cisco Umbrella Rank: 9563
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
254 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
1 powered-by-revidy.com
powered-by-revidy.com — Cisco Umbrella Rank: 143950
349 B
1 nethcdn.com
nethcdn.com — Cisco Umbrella Rank: 132986
514 B
1 aino7.sbs
aino7.sbs — Cisco Umbrella Rank: 686938
1 tinyfast.xyz
tinyfast.xyz — Cisco Umbrella Rank: 685081
479 B
1 kizpush.xyz
kizpush.xyz
536 B
1 flagcounter.com
s04.flagcounter.com — Cisco Umbrella Rank: 368159
11 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508
25 KB
1 000webhostapp.com
okbackpage.000webhostapp.com
11 KB
1 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 7072
7 KB
1 corebook.com.ng
corebook.com.ng
28 KB
49 23
Domain Requested by
6 beta-api.sonetel.com widget.sonetel.com
5 www.googletagmanager.com corebook.com.ng
www.googletagmanager.com
www.google-analytics.com
4 region1.google-analytics.com www.googletagmanager.com
4 www.google-analytics.com counter.jdi5.com
www.google-analytics.com
corebook.com.ng
3 assets.anytrack.io corebook.com.ng
assets.anytrack.io
2 korfo.org 1 redirects a11ybar.com
2 a11ybar.com kizpush.xyz
a11ybar.com
2 api.sonetel.com widget.sonetel.com
2 counter.jdi5.com corebook.com.ng
counter.jdi5.com
2 sdk.bitlabs.ai corebook.com.ng
1 imgcdn1.jdi5.com corebook.com.ng
1 www.google.nl corebook.com.ng
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 best.aliexpress.com a11ybar.com
1 s.click.aliexpress.com 1 redirects
1 powered-by-revidy.com 1 redirects
1 nethcdn.com 1 redirects
1 s4.histats.com s10.histats.com
1 aino7.sbs corebook.com.ng
1 tinyfast.xyz 1 redirects
1 s10.histats.com corebook.com.ng
1 t1.anytrack.io corebook.com.ng
1 kizpush.xyz corebook.com.ng
1 sstatic1.histats.com corebook.com.ng
1 s04.flagcounter.com corebook.com.ng
1 stackpath.bootstrapcdn.com corebook.com.ng
1 okbackpage.000webhostapp.com corebook.com.ng
1 widget.sonetel.com corebook.com.ng
1 widget.trustpilot.com corebook.com.ng
1 fastcdn.jdi5.com corebook.com.ng
1 corebook.com.ng
49 32

This site contains links to these domains. Also see Links.

Domain
engine.voluumtlkrnarketing.com
engine.trackingdesks.com
info.flagcounter.com
Subject Issuer Validity Valid
corebook.com.ng
WE1
2024-07-03 -
2024-10-01
3 months crt.sh
jdi5.com
WE1
2024-07-09 -
2024-10-07
3 months crt.sh
*.trustpilot.com
Amazon RSA 2048 M03
2024-01-03 -
2025-01-31
a year crt.sh
anytrack.io
Amazon RSA 2048 M02
2024-01-17 -
2025-02-14
a year crt.sh
sdk.bitlabs.ai
DigiCert TLS RSA SHA256 2020 CA1
2023-12-12 -
2024-12-12
a year crt.sh
*.sonetel.com
Go Daddy Secure Certificate Authority - G2
2024-06-29 -
2025-05-14
a year crt.sh
*.000webhostapp.com
RapidSSL TLS RSA CA G1
2023-07-11 -
2024-08-10
a year crt.sh
bootstrapcdn.com
WE1
2024-07-23 -
2024-10-21
3 months crt.sh
*.google-analytics.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
s02.flagcounter.com
R3
2024-06-01 -
2024-08-30
3 months crt.sh
histats.com
R3
2024-05-13 -
2024-08-11
3 months crt.sh
kizpush.xyz
R10
2024-07-14 -
2024-10-12
3 months crt.sh
s10.histats.com
E5
2024-06-09 -
2024-09-07
3 months crt.sh
aino7.sbs
WE1
2024-07-07 -
2024-10-05
3 months crt.sh
a11ybar.com
WE1
2024-06-22 -
2024-09-20
3 months crt.sh
korfo.org
R10
2024-07-08 -
2024-10-06
3 months crt.sh
ru.aliexpress.com
DigiCert TLS RSA SHA256 2020 CA1
2024-05-17 -
2024-10-23
5 months crt.sh
*.g.doubleclick.net
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.google.nl
WR2
2024-07-01 -
2024-09-23
3 months crt.sh

This page contains 4 frames:

Primary Page: https://corebook.com.ng/site-category.html?to-page=NorthWest
Frame ID: 11DD3CB842E68DAE11DE36E00FD318C7
Requests: 44 HTTP requests in this frame

Frame: https://aino7.sbs/submit.php
Frame ID: F035069CCF0B8A13FFC6C22838C7885D
Requests: 1 HTTP requests in this frame

Frame: https://korfo.org/vu/nl/
Frame ID: 662E84D14CD12CB46C734207D086CB9F
Requests: 1 HTTP requests in this frame

Frame: https://best.aliexpress.com/?dp=5548f56cf2f8d7d5dde210afdd704b8c&af=656490&cv=47843&afref=&utm_source=admitad&utm_medium=cpa&utm_campaign=656490&utm_content=47843&aff_fcid=2595a80e2b9e4639bfb35275d6bca873-1722075035825-06493-_ePNSNV&aff_fsk=_ePNSNV&aff_platform=portals-tool&sk=_ePNSNV&aff_trace_key=2595a80e2b9e4639bfb35275d6bca873-1722075035825-06493-_ePNSNV&terminal_id=23cc65624fbb4348bf8d7ca27d09dafb
Frame ID: EED42C30A239BC9BA3A0F6D249814CB5
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Backpage NorthWest Escorts ¦ CoreBookpage NorthWest Classifieds

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

49
Requests

100 %
HTTPS

36 %
IPv6

23
Domains

32
Subdomains

28
IPs

7
Countries

1616 kB
Transfer

5160 kB
Size

36
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://tinyfast.xyz/red2.php?rand=eL3076d8ee12a063758dc0c6f4b8477401&id=27 HTTP 302
  • https://aino7.sbs/submit.php
Request Chain 36
  • https://nethcdn.com/stat HTTP 302
  • https://korfo.org/vu/nl/
Request Chain 37
  • https://powered-by-revidy.com/a HTTP 302
  • https://korfo.org/to2/aliexpress.com/ HTTP 307
  • https://s.click.aliexpress.com/deep_link.htm?aff_short_key=_ePNSNV&dl_target_url=https%3A%2F%2Fbest.aliexpress.com&dp=5548f56cf2f8d7d5dde210afdd704b8c&af=656490&cv=47843&afref=&utm_source=admitad&utm_medium=cpa&utm_campaign=656490&utm_content=47843 HTTP 302
  • https://best.aliexpress.com/?dp=5548f56cf2f8d7d5dde210afdd704b8c&af=656490&cv=47843&afref=&utm_source=admitad&utm_medium=cpa&utm_campaign=656490&utm_content=47843&aff_fcid=2595a80e2b9e4639bfb35275d6bca873-1722075035825-06493-_ePNSNV&aff_fsk=_ePNSNV&aff_platform=portals-tool&sk=_ePNSNV&aff_trace_key=2595a80e2b9e4639bfb35275d6bca873-1722075035825-06493-_ePNSNV&terminal_id=23cc65624fbb4348bf8d7ca27d09dafb

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request site-category.html
corebook.com.ng/
67 KB
28 KB
Document
General
Full URL
https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e92ed473e3da5cbc3cc5222c6da4c793a2fecad429141f4f4340087bca4415e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a9bd6edd8cf0e87-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Jul 2024 10:10:25 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yFLHva4p1%2FWw%2FHSScROhj7Al7JWpCTfRyp15ORr3M46GwI7ggqNzpXzBSUeQ9zBwTWUyhz3gD04My9hyAVvESuHdkaAIVOZoSXAWEdY38N6Xo6j5DOzexguhO%2BsGes2Y1MA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.css
fastcdn.jdi5.com/css/corebook.wapkiz.com/
0
526 B
Stylesheet
General
Full URL
https://fastcdn.jdi5.com/css/corebook.wapkiz.com/style.css
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45739
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 Jul 2024 21:28:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=psngqz9TdDiGwPo8sSSFG%2F%2BsE4HXf67%2FUK6S8j%2BxeJOu0aJoIuUHf7DVv%2Fp2USqXsReWZXuI8qs8t%2BHTZa5%2B%2BgfFo2dZeJ1QfHUXlbpttqOmJRzrvxErabEs6fx7437AtzjW"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
8a9bd6ef6d4b1c80-AMS
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/
21 KB
7 KB
Script
General
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-93.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 01:20:26 GMT
content-encoding
gzip
via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA2-C1
age
31800
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6759
x-xss-protection
1; mode=block
last-modified
Thu, 26 Oct 2023 12:27:20 GMT
server
AmazonS3
etag
"15864ce88fa79a3e954417d0c3396798"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
wgI1Qfh7MBqPKAWTOVWKhcxRnFq9_Dudm0CW4uxDLaxn13VqswqbPg==
q3La1BjNnVyD.js
assets.anytrack.io/
678 B
1 KB
Script
General
Full URL
https://assets.anytrack.io/q3La1BjNnVyD.js
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-91.fra6.r.cloudfront.net
Software
/
Resource Hash
668dbac92ab8c473fa075f36e9de7a2572e84ae0ab0c8a8c0357d1cb004b806f

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:08:29 GMT
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
117
etag
W/"2a6-blDKBIwrDqGL3AZgAI7TK6+vTAc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600
content-length
678
x-amz-cf-id
fCbxnSsRD5S24pBsLMmtYPZjPbOfoRmsNnRF6G3uTHYxDzqoDZW1IQ==
bitlabs-sdk-v0.0.2.js
sdk.bitlabs.ai/
1 MB
499 KB
Script
General
Full URL
https://sdk.bitlabs.ai/bitlabs-sdk-v0.0.2.js
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fa0ada4c394dd9161d2f5f51c025f412183cf1e574c752da932aad107ea655b7

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:26 GMT
content-encoding
br
last-modified
Fri, 01 Dec 2023 10:53:45 GMT
etag
W/"0x8DBF25BCA5918DB"
vary
Accept-Encoding
x-azure-ref
20240727T101026Z-r159c8798fd7b45czffhnsf68400000003p0000000001wdp
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8d1c9c68-901e-0029-0634-dea342000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
49547983
bitlabs-sdk-v0.0.2.css
sdk.bitlabs.ai/
187 KB
24 KB
Stylesheet
General
Full URL
https://sdk.bitlabs.ai/bitlabs-sdk-v0.0.2.css
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4e70fd5c00483d52d860053590f49b91d23285c6f4339d017f18f2a6e252250d

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:26 GMT
content-encoding
br
last-modified
Fri, 01 Dec 2023 10:54:06 GMT
etag
W/"0x8DBF25BD6E9567A"
vary
Accept-Encoding
x-azure-ref
20240727T101026Z-r159c8798fd7b45czffhnsf68400000003p0000000001wdn
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
c8a03401-601e-003d-5635-deeb2d000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
49547983
SonetelWidget.min.js
widget.sonetel.com/
2 MB
447 KB
Script
General
Full URL
https://widget.sonetel.com/SonetelWidget.min.js
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:b600:9:402a:cb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fdffca9efbc674cbbd615558e409a379ef070708b2607ce45b1ee596be839282

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
qP2mHh_HbsOlYC0Jr1oaIK.ho8Pd187A
content-encoding
gzip
via
1.1 6ee264f4aa2ef518b13a5a8305e8080e.cloudfront.net (CloudFront)
date
Sat, 27 Jul 2024 06:32:31 GMT
last-modified
Mon, 06 May 2024 08:39:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
13076
x-amz-server-side-encryption
AES256
etag
W/"25f75550043266e80c4778e84e97fa7c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
dD5_w0skC3wWQTdUupEWIY1Q4YBC1yvs4S0xupbOrH6sccIQyESBFA==
stylenew.css
okbackpage.000webhostapp.com/
39 KB
11 KB
Stylesheet
General
Full URL
https://okbackpage.000webhostapp.com/stylenew.css
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:2329::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
d5889821be8a859f10daca77e9c986c17dddde39ced0c9d0b6466808d00fbbad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 31 Aug 2023 18:21:31 GMT
server
awex
content-type
text/css
x-xss-protection
1; mode=block
x-request-id
3aa2caf18573db6697324a2da928d976
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/
138 KB
25 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://corebook.com.ng/
Origin
https://corebook.com.ng
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1077
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
45740
cdn-cachedat
03/18/2024 12:49:44
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"a7022c6fa83d91db67738d6e3cd3252d"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
fbdda00c2d512ea0274034b96f549037
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8a9bd6f18b8c970b-AMS
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/
256 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JF6KD7RVTT
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
925f6381642b7b34ee67b58ef970619095b30ad05d6f56910306c63086a5ace8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91827
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Jul 2024 10:10:26 GMT
/
s04.flagcounter.com/countxl/z6nW/bg_FFFFFF/txt_000000/border_CCCCCC/columns_3/maxflags_6/viewers_3/labels_1/pageviews_1/flags_0/percent_0/
11 KB
11 KB
Image
General
Full URL
https://s04.flagcounter.com/countxl/z6nW/bg_FFFFFF/txt_000000/border_CCCCCC/columns_3/maxflags_6/viewers_3/labels_1/pageviews_1/flags_0/percent_0/
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.221.176.133 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Apache/2.4.37 (Rocky Linux) OpenSSL/1.1.1k /
Resource Hash
93759df90ec11726fc466db0a296ea6d5cd518af5c42bd5f1d126ee8b4761a37

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Jul 2024 10:10:26 GMT
Cache-control
no-cache
Server
Apache/2.4.37 (Rocky Linux) OpenSSL/1.1.1k
Connection
close
Transfer-Encoding
chunked
Content-Type
image/png
0.gif
sstatic1.histats.com/
43 B
163 B
Image
General
Full URL
https://sstatic1.histats.com/0.gif?4555742&101
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.129 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534297.ip-149-56-240.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 27 Jul 2024 10:10:26 GMT
Connection
close
Content-Length
43
Content-Type
image/gif
online.js
counter.jdi5.com/
3 KB
2 KB
Script
General
Full URL
https://counter.jdi5.com/online.js
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
024567767cf06d1279bc0c4fa98581bf8ece442aef4700cd19e8eb3b4a9d522a

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11405297
cf-polished
origSize=4470
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 07 Oct 2022 16:12:30 GMT
server
cloudflare
etag
W/"63404fee-1176"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p2q%2Fut5LxEFduGTMAmwbd4Kz5UFCS9jwX6wf%2B0Ix54c%2FfYGxwCyK22AT%2F7u8VRchzCRzPmTNiUlJW1goFHTqeDsdrnEae5QACWBdccrKedcG49%2FNWWJLzq%2FQRRY7KgRhpoLm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8a9bd6f14f241c80-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
kizc.php
kizpush.xyz/
300 B
536 B
Script
General
Full URL
https://kizpush.xyz/kizc.php?id=Y29yZWJvb2suY29tLm5n
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
da5075f0faf668a23e97a93a4fd30d91c087c5075b82ab061a2a57e8593cee94

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 27 Jul 2024 10:10:26 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
js
www.googletagmanager.com/gtag/
308 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f1406105e756f57e5840159f28263a7c4313c120e1054641b206b8b0b975519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104558
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Jul 2024 10:10:26 GMT
83aa98a.js
assets.anytrack.io/scripts/v0/
165 KB
57 KB
Script
General
Full URL
https://assets.anytrack.io/scripts/v0/83aa98a.js
Requested by
Host: assets.anytrack.io
URL: https://assets.anytrack.io/q3La1BjNnVyD.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-91.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be3654296cd557c79589acb379b50b68eedae9e53a5dd5c0e47b6224c4984526

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 03 Jul 2024 13:47:32 GMT
x-amz-version-id
MiAjc6I4n25vzDZZIU73CDgns6qg5Dhb
content-encoding
gzip
last-modified
Wed, 03 Jul 2024 13:46:26 GMT
server
AmazonS3
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"bf0478ea1f5baf334896f1c7f205fea8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
age
2060575
x-amz-cf-id
R8SWrM0UeCyiIi768c-QarLA70B7xc0QuE3ViY1T04jiDCrjEG8u4g==
q3La1BjNnVyD.links.js
assets.anytrack.io/
108 B
458 B
Script
General
Full URL
https://assets.anytrack.io/q3La1BjNnVyD.links.js
Requested by
Host: assets.anytrack.io
URL: https://assets.anytrack.io/q3La1BjNnVyD.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-91.fra6.r.cloudfront.net
Software
/
Resource Hash
249defcee01ed156870995dd6ba5505789f09cac8357a9d4ee71cef68a517bbd

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 08:19:13 GMT
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
6673
etag
W/"6c-qjhUhKxTrchW7aOjJDvPBMXQn7I"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7200
content-length
108
x-amz-cf-id
8ft4Izhc1XZbThtH4odxTeHIHW4VvN5K9cohdJ5dgPn_xZNezIhHBA==
collect
t1.anytrack.io/assets/q3La1BjNnVyD/
35 B
200 B
Image
General
Full URL
https://t1.anytrack.io/assets/q3La1BjNnVyD/collect?cid=f7DkgOl5vLOWlx&ts=1722075027134&nc=1&en=PageView&dl=https%3A%2F%2Fcorebook.com.ng%2Fsite-category.html%3Fto-page%3DNorthWest&
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:ce9:9501:2178:821f:375b:7d49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jul 2024 10:10:27 GMT
cache-control
no-store
x-content-type-options
nosniff
etag
W/"23-D06SndW7JWT3q5x2M44E4pKkKs4"
content-length
35
content-type
image/gif
participant-token
api.sonetel.com/SonetelAuth/beta/
906 B
1 KB
XHR
General
Full URL
https://api.sonetel.com/SonetelAuth/beta/participant-token
Requested by
Host: widget.sonetel.com
URL: https://widget.sonetel.com/SonetelWidget.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.209.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-209-192.compute-1.amazonaws.com
Software
nginx /
Resource Hash
09d280002276d836563ce950ef3cea2ddc7f68161e4455b4e2faa61cf3aba00a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; always

Request headers

Accept
application/json, text/plain, */*
Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Sat, 27 Jul 2024 10:10:32 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; always
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Access-Control-Max-Age
3600
Connection
keep-alive
Access-Control-Allow-Headers
x-requested-with, authorization, content-type, Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,x-sonetel-lang,x-sonetel-referrer
X-Application-Context
auth-api:beta:9056
participant-token
api.sonetel.com/SonetelAuth/beta/ Frame
0
0
Preflight
General
Full URL
https://api.sonetel.com/SonetelAuth/beta/participant-token
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.209.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-209-192.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; always

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://corebook.com.ng
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,x-sonetel-lang,x-sonetel-referrer
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
7200
Connection
keep-alive
Content-Length
0 0
Content-Type
application/octet-stream text/plain charset=UTF-8
Date
Sat, 27 Jul 2024 10:10:31 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000; includeSubDomains; always
truncated
/
957 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
735cefd1d8fde7cc3e3944ec006e3794fca2a5328ebdfffa7be9935da19f4c38

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
16 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f38a4325353c83a4443bd29e4bb8de911441110851fc1f154e512b93c1ef584f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:1347 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:32 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
10492
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
8a9bd716099e0ae0-AMS
content-length
4547
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 27 Jul 2024 08:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6085
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 27 Jul 2024 10:29:07 GMT
fc.php
counter.jdi5.com/
47 B
596 B
Script
General
Full URL
https://counter.jdi5.com/fc.php?id=de955081a05b8e529ffe97511cb89448&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&ref=&pn=https%3A%2F%2Fcorebook.com.ng%2Fsite-category.html%3Fto-page%3DNorthWest&wh=1600x1200&rand=74
Requested by
Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a58450475619d172d08c462c1a4e60bc40f79423ec659f4600f1a91ca73f57f2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ATHhhWvcgMemdgAjuBniVtYdq5H4AU16upB2RG55118L6vWlCIFO%2Fz0f7O7fV3WkHVnv4wqND8ldPsbX2zcxpyeb%2FFBpdhNaGQ0mkZjxxCjmomQ%2Bs68%2F2HaZeBgvB32NHWr"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
8a9bd71369261c80-AMS
alt-svc
h3=":443"; ma=86400
content-length
47
x-xss-protection
1; mode=block
expires
Mon, 26 Aug 2024 10:10:33 GMT
submit.php
aino7.sbs/ Frame F035
Redirect Chain
  • https://tinyfast.xyz/red2.php?rand=eL3076d8ee12a063758dc0c6f4b8477401&id=27
  • https://aino7.sbs/submit.php
0
0
Document
General
Full URL
https://aino7.sbs/submit.php
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

Referer
https://corebook.com.ng/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a9bd7176aa40ba4-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Jul 2024 10:10:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jP0osu0eV3r0rojOukkPnAOHoPzi5wR71Z8m05Y%2Fs4Dtl%2F2D4L4ot0GRhWWMvHWUnv4l3STNrVKrypaM%2F4vZbGGHdlkKki23xw0lXMDplk5TisgVE%2B33EKQPk7I%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a9bd7142d8066d6-AMS
content-type
text/html; charset=UTF-8
date
Sat, 27 Jul 2024 10:10:31 GMT
location
https://aino7.sbs/submit.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=at57rpXsFIMOV27qYQw%2FBPs3QkAASzx%2FYh3CN%2Bw9bLmPxS9stu8zKk0%2B%2By5GebjQTGSA6wep5G0uj%2F%2BShtd5P1aOF9JQfmhEBNubfJ0H3PqtW7OZc5%2B8l1j%2BDsH2uVk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
ok6.js
a11ybar.com/
141 B
559 B
Script
General
Full URL
https://a11ybar.com/ok6.js
Requested by
Host: kizpush.xyz
URL: https://kizpush.xyz/kizc.php?id=Y29yZWJvb2suY29tLm5n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
ae723359f13e5593e4c492c99a8d4751a3349efc137fb3ea701a991c4867b242

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJoFUD3tLnKqYd3hyRdI%2FuEEPIra7VGx%2FujKuoDXtUPr7sk71RY8%2BFwv9WW24xba%2Fojxnir1hCnkYTthXX51mQ4X%2FNxfKC3BqyuruklKVcpxap3PfyPtPOr7OXuvyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a9bd7142a92b930-AMS
alt-svc
h3=":443"; ma=86400
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JF6KD7RVTT&gtm=45je47o0v9114343950za200&_p=1722075031270&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1209636271.1722075032&ul=nl-nl&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1722075031&sct=1&seg=0&dl=https%3A%2F%2Fcorebook.com.ng%2Fsite-category.html%3Fto-page%3DNorthWest&dt=Backpage%20NorthWest%20Escorts%20%C2%A6%20CoreBookpage%20NorthWest%20Classifieds&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=6446
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JF6KD7RVTT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 10:10:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://corebook.com.ng
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
305 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JF6KD7RVTT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
459d0490ce0fa6c3b59ad34d4d37c701dff345caec06da6689efc362465d6b92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103618
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Jul 2024 10:10:31 GMT
js
www.googletagmanager.com/gtag/
195 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46789381-60&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
96f507050583d3131f9330f1aeba00c085fc035fdaedf3fc637a3bfd372a7359
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72291
x-xss-protection
0
last-modified
Sat, 27 Jul 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Jul 2024 10:10:32 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P0LJR3FHEL&gtm=45je47o0v867598820za200zb9114343950&_p=1722075031270&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1209636271.1722075032&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722075032&sct=1&seg=0&dl=https%3A%2F%2Fcorebook.com.ng%2Fsite-category.html%3Fto-page%3DNorthWest&dt=Backpage%20NorthWest%20Escorts%20%C2%A6%20CoreBookpage%20NorthWest%20Classifieds&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6710
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 10:10:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://corebook.com.ng
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stat.js
a11ybar.com/
771 B
615 B
Script
General
Full URL
https://a11ybar.com/stat.js
Requested by
Host: a11ybar.com
URL: https://a11ybar.com/ok6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
dfe4146c226afab7a30c7dfa36827f2572a708f1fc96c8fa9247910c5005088c

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fICNujqCYCWXrZkFGDjmpI8zydShi3yO6c3L6D2iP9UNR%2FIHuKB4jtiWd8nz1UW3TJdLVRz6%2FPJKv%2F8W9arwgrIyL%2Bk%2FjXzOLfWulvVgShioviCVptpGZAMWdrFduw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cf-ray
8a9bd718bed9b930-AMS
alt-svc
h3=":443"; ma=86400
0.php
s4.histats.com/stats/
78 B
212 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4555742&@f16&@g1&@h1&@i1&@j1722075032417&@k0&@l1&@mBackpage%20NorthWest%20Escorts%20%C2%A6%20CoreBookpage%20NorthWest%20Classifieds&@n0&@o1000&@q0&@r0&@s0&@tnl-NL&@u1600&@b1:-629676&@b3:1722075032&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fcorebook.com.ng%2Fsite-category.html%3Fto-page%3DNorthWest&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.27 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534106.ip-149-56-240.net
Software
/
Resource Hash
649b0c90e11108e6ec5a259c9678798c930618453e47c822cdb538599655c4a5

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 27 Jul 2024 10:10:33 GMT
Connection
close
Content-Length
78
Content-Type
text/html;charset=UTF-8
collect
www.google-analytics.com/j/
15 B
221 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=528744005&t=pageview&_s=1&dl=https%3A%2F%2Fcorebook.com.ng%2Fsite-category.html%3Fto-page%3DNorthWest&ul=nl-nl&de=UTF-8&dt=Backpage%20NorthWest%20Escorts%20%C2%A6%20CoreBookpage%20NorthWest%20Classifieds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1556674435&gjid=455083697&cid=1209636271.1722075032&tid=UA-46789381-10&_gid=13213395.1722075032&_r=1&_slc=1&z=367149878
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e27a09c377d9200d99411176d0b35da6ab1e8ed1325363c42fee62fc695bff3e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 10:10:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://corebook.com.ng
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=528744005&t=pageview&_s=1&dl=https%3A%2F%2Fcorebook.com.ng%2Fsite-category.html%3Fto-page%3DNorthWest&ul=nl-nl&de=UTF-8&dt=Backpage%20NorthWest%20Escorts%20%C2%A6%20CoreBookpage%20NorthWest%20Classifieds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=1153286276&gjid=1010890907&cid=1209636271.1722075032&tid=UA-46789381-60&_gid=13213395.1722075032&_r=1&gtm=457e47o0z8867598820za200zb867598820&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250752&jsscut=1&npa=1&z=1937043204
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 10:10:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://corebook.com.ng
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=528744005&t=event&_s=2&dl=https%3A%2F%2Fcorebook.com.ng%2Fsite-category.html%3Fto-page%3DNorthWest&ul=nl-nl&de=UTF-8&dt=Backpage%20NorthWest%20Escorts%20%C2%A6%20CoreBookpage%20NorthWest%20Classifieds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=corebook.com.ng&ea=corebook.com.ng&el=corebook.com.ng&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=1209636271.1722075032&tid=UA-46789381-60&_gid=13213395.1722075032&gtm=457e47o0za200zb867598820&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250752&jsscut=1&cg1=corebook.com.ng&npa=1&z=1670508822
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jul 2024 12:14:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78979
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
311 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HYY21FHH92&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b0c86e16eaecb725714a80cac40e005ab5f6b82dfdf329d051472b92a4c6091d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106143
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Jul 2024 10:10:32 GMT
/
korfo.org/vu/nl/ Frame 662E
Redirect Chain
  • https://nethcdn.com/stat
  • https://korfo.org/vu/nl/
0
0
Document
General
Full URL
https://korfo.org/vu/nl/
Requested by
Host: a11ybar.com
URL: https://a11ybar.com/stat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.70.202.132.142.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://corebook.com.ng/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jul 2024 10:10:34 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a9bd71ef9df1afa-AMS
content-type
text/html; charset=UTF-8
date
Sat, 27 Jul 2024 10:10:33 GMT
location
https://korfo.org/vu/nl/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YMAmJktbETdWpRfm%2Bjc%2BA%2FJRL2tBCbJ525C9b3pFOD5zOOzF1Wxz8N7vuKRu0RButSZr7BRuiJG3vU4Dg%2Fstxq%2Fpw8Y7ozKAJYLLqUK3JE1HBUoRCNcKntW6%2Fn9Nvg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
best.aliexpress.com/ Frame EED4
Redirect Chain
  • https://powered-by-revidy.com/a
  • https://korfo.org/to2/aliexpress.com/
  • https://s.click.aliexpress.com/deep_link.htm?aff_short_key=_ePNSNV&dl_target_url=https%3A%2F%2Fbest.aliexpress.com&dp=5548f56cf2f8d7d5dde210afdd704b8c&af=656490&cv=47843&afref=&utm_source=admitad&u...
  • https://best.aliexpress.com/?dp=5548f56cf2f8d7d5dde210afdd704b8c&af=656490&cv=47843&afref=&utm_source=admitad&utm_medium=cpa&utm_campaign=656490&utm_content=47843&aff_fcid=2595a80e2b9e4639bfb35275d...
0
0
Document
General
Full URL
https://best.aliexpress.com/?dp=5548f56cf2f8d7d5dde210afdd704b8c&af=656490&cv=47843&afref=&utm_source=admitad&utm_medium=cpa&utm_campaign=656490&utm_content=47843&aff_fcid=2595a80e2b9e4639bfb35275d6bca873-1722075035825-06493-_ePNSNV&aff_fsk=_ePNSNV&aff_platform=portals-tool&sk=_ePNSNV&aff_trace_key=2595a80e2b9e4639bfb35275d6bca873-1722075035825-06493-_ePNSNV&terminal_id=23cc65624fbb4348bf8d7ca27d09dafb
Requested by
Host: a11ybar.com
URL: https://a11ybar.com/stat.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.30.210.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-210-6.deploy.static.akamaitechnologies.com
Software
Tengine/Aserver /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 27 Jul 2024 10:10:37 GMT
eagleeye-traceid
211b664d17220750368054149e6f9b
p3p
CP="CAO PSA OUR"
server
Tengine/Aserver
server-timing
ak_p; desc="1722075036610_388358814_39563645_49043_17376_29_0_255";dur=1
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-akamai-fwd-auth-data
1491103455, 23.37.226.158, 1722075037, 31.204.150.119
x-akamai-fwd-auth-sha
D81769E5ED79304631430DDCBA495BAEBD9F8EAADBBAFBAF88E3970130F45A3B
x-akamai-fwd-auth-sign
HSwPVDaPe0VCibZDaTXk4i/y0v6NQ0Je2clp+MzzQUyTqfF2E4H3oAzzh2aC0msCYF0SjjS7T9MXyDBbKr6K89nAMW+JskPyTNGYrjE3k9U=
x-application-context
ae-fn-gateway-f:7001

Redirect headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTION
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-language
en-US
content-length
0
date
Sat, 27 Jul 2024 10:10:35 GMT
eagleeye-traceid
211b61ae17220750358164368e83e9
expires
0
location
https://best.aliexpress.com?dp=5548f56cf2f8d7d5dde210afdd704b8c&af=656490&cv=47843&afref=&utm_source=admitad&utm_medium=cpa&utm_campaign=656490&utm_content=47843&aff_fcid=2595a80e2b9e4639bfb35275d6bca873-1722075035825-06493-_ePNSNV&aff_fsk=_ePNSNV&aff_platform=portals-tool&sk=_ePNSNV&aff_trace_key=2595a80e2b9e4639bfb35275d6bca873-1722075035825-06493-_ePNSNV&terminal_id=23cc65624fbb4348bf8d7ca27d09dafb
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
Tengine/Aserver
server-timing
ak_p; desc="1722075035376_388358814_39561970_12539_16730_33_129_255";dur=1
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin
*
x-application-context
global-traffic-holmes-f:7001
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-HYY21FHH92&gtm=45je47o0v9128476500za200&_p=1722075031270&_gaz=1&gcd=13l3l3l2l2&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250753&ul=nl-nl&sr=1600x1200&cid=1209636271.1722075032&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fcorebook.com.ng%2Fsite-category.html%3Fto-page%3DNorthWest&dt=Backpage%20NorthWest%20Escorts%20%C2%A6%20CoreBookpage%20NorthWest%20Classifieds&sid=1722075034&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=8722
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HYY21FHH92&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 10:10:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://corebook.com.ng
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
254 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HYY21FHH92&cid=1209636271.1722075032&gtm=45je47o0v9128476500za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HYY21FHH92&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 10:10:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://corebook.com.ng
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
408 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HYY21FHH92&cid=1209636271.1722075032&gtm=45je47o0v9128476500za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2&npa=0&frm=0&z=245214472
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 10:10:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
beta-api.sonetel.com/ic-server/ic-server/
1 KB
1 KB
XHR
General
Full URL
https://beta-api.sonetel.com/ic-server/ic-server/token
Requested by
Host: widget.sonetel.com
URL: https://widget.sonetel.com/SonetelWidget.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.235.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-235-220.compute-1.amazonaws.com
Software
nginx /
Resource Hash
27dc4af9cecaae0078063db7169e6637879233e7d397d5b9d5b3bef5e8ae1006
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; always
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://corebook.com.ng/
Authorization
Bearer eyJhbGciOiJSUzI1NiJ9.eyJwYXJ0aWNpcGFudF9qaWQiOiIzMzgzNmU2NC1jZTQ2LTQ2YTMtOGNlMy05YjhmZTEyZjk0YmJAZXUwMS5zb25ldGVsLmNvbSIsImF1ZCI6ImFwaS5zb25ldGVsLmNvbSIsInNjb3BlIjpbInBhcnRpY2lwYW50LnJlYWQiLCJwYXJ0aWNpcGFudC53cml0ZSIsImNvbnZlcnNhdGlvbi5yZWFkIiwiY29udmVyc2F0aW9uLndyaXRlIl0sInBhcnRpY2lwYW50X2lkIjoiMzM4MzZlNjQtY2U0Ni00NmEzLThjZTMtOWI4ZmUxMmY5NGJiIiwiaXNzIjoiU29uZXRlbE5vZGUxMjMiLCJleHAiOjE3MjMzNzEwMzIsImlhdCI6MTcyMjA3NTAzMiwiY2xpZW50X2lkIjoic29uZXRlbC13ZWIiLCJhY2NfaWQiOjIwODE1NDU2NiwianRpIjoiNDZkOTExYWYtODIzYS00MGUzLTliYzktNmU5ZDhhOGE3YTVhIn0.Xt65TRspZ6nNCk192qPQmGKTCk-raCX3j-gfD2RxeDpVXNv8MzGxvTDVV-rSWa2tptrww2q6pCwAlHIbNxBNtZyqeTXtBQTNt21v-z0KxxfwPtEcxbJ2CBr99AZCLb94gRQSWQZHM25nNZfvidJlRNKFtcqF9U-9Azd7wX6F1nSwLqWHG9b3oi52Aym58gyFyhD5HtAJDD-vAUrNnAO6z0jM0US47kaBIa6zj_a4ogQurFrEFbnOV3RvYICov6gLfemt-9c-uE2T6iYUJY1H-6Rmoc8fLheMk7I7B_RDDO3GrGhfSly5UVbViOeRY6dFhwCa31t_X7anBDEdCKQO5A
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 27 Jul 2024 10:10:35 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; always
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
icserver:beta:9002
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json;charset=UTF-8
X-Frame-Options
DENY
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,x-sonetel-lang,x-sonetel-referrer
Expires
0
33836e64-ce46-46a3-8ce3-9b8fe12f94bb
beta-api.sonetel.com/p-api/participant/
571 B
1 KB
XHR
General
Full URL
https://beta-api.sonetel.com/p-api/participant/33836e64-ce46-46a3-8ce3-9b8fe12f94bb?fields=profile
Requested by
Host: widget.sonetel.com
URL: https://widget.sonetel.com/SonetelWidget.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.235.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-235-220.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d75d8cba53a456fe9ac1577a32667d47310acf9bc77c155270d7f441311c012b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; always
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://corebook.com.ng/
Authorization
Bearer eyJhbGciOiJSUzI1NiJ9.eyJwYXJ0aWNpcGFudF9qaWQiOiIzMzgzNmU2NC1jZTQ2LTQ2YTMtOGNlMy05YjhmZTEyZjk0YmJAZXUwMS5zb25ldGVsLmNvbSIsImF1ZCI6ImFwaS5zb25ldGVsLmNvbSIsInNjb3BlIjpbInBhcnRpY2lwYW50LnJlYWQiLCJwYXJ0aWNpcGFudC53cml0ZSIsImNvbnZlcnNhdGlvbi5yZWFkIiwiY29udmVyc2F0aW9uLndyaXRlIl0sInBhcnRpY2lwYW50X2lkIjoiMzM4MzZlNjQtY2U0Ni00NmEzLThjZTMtOWI4ZmUxMmY5NGJiIiwiaXNzIjoiU29uZXRlbE5vZGUxMjMiLCJleHAiOjE3MjMzNzEwMzIsImlhdCI6MTcyMjA3NTAzMiwiY2xpZW50X2lkIjoic29uZXRlbC13ZWIiLCJhY2NfaWQiOjIwODE1NDU2NiwianRpIjoiNDZkOTExYWYtODIzYS00MGUzLTliYzktNmU5ZDhhOGE3YTVhIn0.Xt65TRspZ6nNCk192qPQmGKTCk-raCX3j-gfD2RxeDpVXNv8MzGxvTDVV-rSWa2tptrww2q6pCwAlHIbNxBNtZyqeTXtBQTNt21v-z0KxxfwPtEcxbJ2CBr99AZCLb94gRQSWQZHM25nNZfvidJlRNKFtcqF9U-9Azd7wX6F1nSwLqWHG9b3oi52Aym58gyFyhD5HtAJDD-vAUrNnAO6z0jM0US47kaBIa6zj_a4ogQurFrEFbnOV3RvYICov6gLfemt-9c-uE2T6iYUJY1H-6Rmoc8fLheMk7I7B_RDDO3GrGhfSly5UVbViOeRY6dFhwCa31t_X7anBDEdCKQO5A
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 27 Jul 2024 10:10:35 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; always
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
participant-api:beta:9019
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json;charset=UTF-8
X-Frame-Options
DENY
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,x-sonetel-lang,x-sonetel-referrer
Expires
0
token
beta-api.sonetel.com/ic-server/ic-server/ Frame
0
0
Preflight
General
Full URL
https://beta-api.sonetel.com/ic-server/ic-server/token
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.235.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-235-220.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; always

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://corebook.com.ng
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,Content-Range,Range,x-sonetel-lang,x-sonetel-referrer
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
7200
Connection
keep-alive
Content-Length
0 0
Content-Type
application/octet-stream text/plain charset=UTF-8
Date
Sat, 27 Jul 2024 10:10:35 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000; includeSubDomains; always
33836e64-ce46-46a3-8ce3-9b8fe12f94bb
beta-api.sonetel.com/p-api/participant/ Frame
0
0
Preflight
General
Full URL
https://beta-api.sonetel.com/p-api/participant/33836e64-ce46-46a3-8ce3-9b8fe12f94bb?fields=profile
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.235.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-235-220.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; always

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://corebook.com.ng
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,Content-Range,Range,x-sonetel-lang,x-sonetel-referrer
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
7200
Connection
keep-alive
Content-Length
0 0
Content-Type
application/octet-stream text/plain charset=UTF-8
Date
Sat, 27 Jul 2024 10:10:35 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000; includeSubDomains; always
EF0808.png
imgcdn1.jdi5.com/img/
133 B
624 B
Image
General
Full URL
https://imgcdn1.jdi5.com/img/EF0808.png
Requested by
Host: corebook.com.ng
URL: https://corebook.com.ng/site-category.html?to-page=NorthWest
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
94f541dbfdef1a8128c164c852a4d6e5e28c1802806c015d2039f1380cae9ce1

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:10:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11717338
x-powered-by
PHP/5.6.40
alt-svc
h3=":443"; ma=86400
content-length
133
last-modified
Wed, 13 Mar 2024 19:21:37 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wwaxpfFjA%2FDTzuG9imjyWuuVvfRmjps5reA5Nrrhq2Ec8qiF7kCORsNZlmASIMrSx6zQnIL8Fc7xnWY66qzMJ4q3%2FCeyLqdo5OOd5DbwwBqYZVlksUq%2Fab1%2BsYJsIpxhuc9g"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8a9bd728cafa1c80-AMS
expires
Thu, 13 Mar 2025 19:21:37 GMT
chat-widget
beta-api.sonetel.com/settings/account/208154566/cs/
105 B
1 KB
XHR
General
Full URL
https://beta-api.sonetel.com/settings/account/208154566/cs/chat-widget
Requested by
Host: widget.sonetel.com
URL: https://widget.sonetel.com/SonetelWidget.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.235.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-235-220.compute-1.amazonaws.com
Software
nginx /
Resource Hash
11d11eae2d2466b644c84e47e5f787fd8374eddb70cc4af47d19539758783e3a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; always
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://corebook.com.ng/
Authorization
Bearer eyJhbGciOiJSUzI1NiJ9.eyJwYXJ0aWNpcGFudF9qaWQiOiIzMzgzNmU2NC1jZTQ2LTQ2YTMtOGNlMy05YjhmZTEyZjk0YmJAZXUwMS5zb25ldGVsLmNvbSIsImF1ZCI6ImFwaS5zb25ldGVsLmNvbSIsInNjb3BlIjpbInBhcnRpY2lwYW50LnJlYWQiLCJwYXJ0aWNpcGFudC53cml0ZSIsImNvbnZlcnNhdGlvbi5yZWFkIiwiY29udmVyc2F0aW9uLndyaXRlIl0sInBhcnRpY2lwYW50X2lkIjoiMzM4MzZlNjQtY2U0Ni00NmEzLThjZTMtOWI4ZmUxMmY5NGJiIiwiaXNzIjoiU29uZXRlbE5vZGUxMjMiLCJleHAiOjE3MjMzNzEwMzIsImlhdCI6MTcyMjA3NTAzMiwiY2xpZW50X2lkIjoic29uZXRlbC13ZWIiLCJhY2NfaWQiOjIwODE1NDU2NiwianRpIjoiNDZkOTExYWYtODIzYS00MGUzLTliYzktNmU5ZDhhOGE3YTVhIn0.Xt65TRspZ6nNCk192qPQmGKTCk-raCX3j-gfD2RxeDpVXNv8MzGxvTDVV-rSWa2tptrww2q6pCwAlHIbNxBNtZyqeTXtBQTNt21v-z0KxxfwPtEcxbJ2CBr99AZCLb94gRQSWQZHM25nNZfvidJlRNKFtcqF9U-9Azd7wX6F1nSwLqWHG9b3oi52Aym58gyFyhD5HtAJDD-vAUrNnAO6z0jM0US47kaBIa6zj_a4ogQurFrEFbnOV3RvYICov6gLfemt-9c-uE2T6iYUJY1H-6Rmoc8fLheMk7I7B_RDDO3GrGhfSly5UVbViOeRY6dFhwCa31t_X7anBDEdCKQO5A
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 27 Jul 2024 10:10:36 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; always
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
settings:beta:9006
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json;charset=UTF-8
X-Frame-Options
DENY
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Cache-Control
max-age=120, public
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,x-sonetel-lang,x-sonetel-referrer
Expires
Sat, 27 Jul 2024 10:12:36 GMT
chat-widget
beta-api.sonetel.com/settings/account/208154566/cs/ Frame
0
0
Preflight
General
Full URL
https://beta-api.sonetel.com/settings/account/208154566/cs/chat-widget
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.235.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-235-220.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; always

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://corebook.com.ng
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,Content-Range,Range,x-sonetel-lang,x-sonetel-referrer
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
7200
Cache-Control
max-age=120
Connection
keep-alive
Content-Length
0 0
Content-Type
application/octet-stream text/plain charset=UTF-8
Date
Sat, 27 Jul 2024 10:10:35 GMT
Expires
Sat, 27 Jul 2024 10:12:35 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000; includeSubDomains; always
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JF6KD7RVTT&gtm=45je47o0v9114343950za200&_p=1722075031270&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1209636271.1722075032&ul=nl-nl&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=2&sid=1722075031&sct=1&seg=0&dl=https%3A%2F%2Fcorebook.com.ng%2Fsite-category.html%3Fto-page%3DNorthWest&dt=Backpage%20NorthWest%20Escorts%20%C2%A6%20CoreBookpage%20NorthWest%20Classifieds&en=corebook.com.ng&_ee=1&ep.event_category=corebook.com.ng&ep.event_label=corebook.com.ng&_et=17&tfd=11519
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JF6KD7RVTT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 10:10:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://corebook.com.ng
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P0LJR3FHEL&gtm=45je47o0v867598820za200zb9114343950&_p=1722075031270&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1209636271.1722075032&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1722075032&sct=1&seg=0&dl=https%3A%2F%2Fcorebook.com.ng%2Fsite-category.html%3Fto-page%3DNorthWest&dt=Backpage%20NorthWest%20Escorts%20%C2%A6%20CoreBookpage%20NorthWest%20Classifieds&en=corebook.com.ng&_ee=1&ep.event_category=corebook.com.ng&ep.event_label=corebook.com.ng&_et=3&tfd=11727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://corebook.com.ng/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 10:10:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://corebook.com.ng
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| AnyTrack object| Trustpilot object| regeneratorRuntime object| FontAwesomeConfig object| ___FONT_AWESOME___ boolean| __VUE__ object| bitlabsSDK number| __mobxInstanceCount number| __global_unique_id__ function| _ function| setImmediate function| clearImmediate object| SLC_WIDGET object| SonetelWidget function| scrollFunction function| topFunction function| gtag object| dataLayer object| _Hasync object| google_tag_manager object| google_tag_data object| sc_olimg_var object| pn string| w_h function| online function| sc_onlineimagei function| ct_inserti function| drawText_onlinei function| errorMsgi string| title string| GoogleAnalyticsObject function| ga object| j object| gaGlobal function| kizload function| onYouTubeIframeAPIReady object| js function| chfh function| chfh2 string| _HST_cntval object| Histats object| gaplugins object| gaData object| ifrm object| _HistatsCounterGraphics_0_setValues

36 Cookies

Domain/Path Name / Value
.corebook.com.ng/ Name: corebook_com_ng
Value: q6cmfi3ud2q80cqipliisv4tgn
.corebook.com.ng/ Name: _atcid
Value: f7DkgOl5vLOWlx
.corebook.com.ng/ Name: _atcid-pt
Value: 1722075027134
.corebook.com.ng/ Name: chat_widget_sessionId
Value: 9f47c63a-c9f4-4c05-9b95-8bf1b3310e2d
.corebook.com.ng/ Name: _ga_JF6KD7RVTT
Value: GS1.1.1722075031.1.0.1722075031.0.0.0
.corebook.com.ng/ Name: _ga_P0LJR3FHEL
Value: GS1.1.1722075032.1.0.1722075032.0.0.0
corebook.com.ng/ Name: HstCfa4555742
Value: 1722075032417
corebook.com.ng/ Name: HstCla4555742
Value: 1722075032417
corebook.com.ng/ Name: HstCmu4555742
Value: 1722075032417
corebook.com.ng/ Name: HstPn4555742
Value: 1
corebook.com.ng/ Name: HstPt4555742
Value: 1
corebook.com.ng/ Name: HstCnv4555742
Value: 1
corebook.com.ng/ Name: HstCns4555742
Value: 1
.corebook.com.ng/ Name: _ga
Value: GA1.3.1209636271.1722075032
.corebook.com.ng/ Name: _gid
Value: GA1.3.13213395.1722075032
.corebook.com.ng/ Name: _gat
Value: 1
.corebook.com.ng/ Name: _gat_gtag_UA_46789381_60
Value: 1
.corebook.com.ng/ Name: _ga_HYY21FHH92
Value: GS1.3.1722075034.1.0.1722075034.60.0.0
.aliexpress.com/ Name: acs_usuc_t
Value: x_csrf=ednwhyxzeu0s&acs_rt=23cc65624fbb4348bf8d7ca27d09dafb
.aliexpress.com/ Name: aeu_cid
Value: 2595a80e2b9e4639bfb35275d6bca873-1722075035825-06493-_ePNSNV
.aliexpress.com/ Name: xman_t
Value: 6PCRMEEQfVOmnXHRuKb6+zRDIaGdYsTvppE7vb+pPFOfugE334Ar/OQPeXV5C8Rk
.aliexpress.com/ Name: xman_f
Value: EykhNAl8BKFDoBzUEOCS4RESXOspjHSLcp3SrktsFQjYvRn4mXVLaWfX41ze0zH0fch0APjC1Na480mBrbw8xaAr3/c25ReJ7ZnwsOh45etjAV3E+BrjTw==
.notino.nl/ Name: __cf_bm
Value: 3o4naZAIBWn2QsaSBDMuS9TwluipkV_j612eP.JVykM-1722075036-1.0.1.1-gFchKM9qefT7ZUOHV8FJ.b0zo7RWc3KBjjaWAZNCym08H3_fc_RSGV3am1bqJ5hiH_Zwhn3bbPLYJtUpZ_gTRg
.aliexpress.com/ Name: xman_us_f
Value: x_locale=nl_NL&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%222595a80e2b9e4639bfb35275d6bca873-1722075035825-06493-_ePNSNV%22%2C%22af%22%3A%22656490%22%2C%22affiliateKey%22%3A%22_ePNSNV%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22177275576%22%2C%22tagtime%22%3A1722075035825%7D&acs_rt=23cc65624fbb4348bf8d7ca27d09dafb
.aliexpress.com/ Name: aep_usuc_f
Value: site=nld&c_tp=EUR&region=NL&b_locale=nl_NL
.aliexpress.us/ Name: xman_us_f
Value: x_l=0&x_locale=nl_NL&x_c_chg=1&x_c_synced=1
.aliexpress.us/ Name: aep_usuc_f
Value: region=NL&site=nld&b_locale=nl_NL&c_tp=EUR
.aliexpress.us/ Name: acs_usuc_t
Value: acs_rt=773807c70ec348ffa1bfb4444d4d213f&x_csrf=10mr1ahowuzxy
.aliexpress.us/ Name: xman_t
Value: P8sSGNVcDt6Du/RACA5r9qT4YY5r2sC7w/iwGkcADTGOLM3JlWhBVVH4pxzmFkO/
.aliexpress.us/ Name: xman_f
Value: sD0MsjJ3TBMby6b9Xd8JRv4XGBDtj87gOg45ncA4qu/ZF2bq643CfDDqI/6RPlw7
.aliexpress.ru/ Name: xman_us_f
Value: x_l=0&x_locale=nl_NL&x_c_chg=1&x_c_synced=1
.aliexpress.ru/ Name: aep_usuc_f
Value: region=NL&site=nld&b_locale=nl_NL&c_tp=EUR
.aliexpress.ru/ Name: acs_usuc_t
Value: acs_rt=52aef0e92f57443c944bdd8f5fabd8d1&x_csrf=6e_fcxyxnckl
.aliexpress.ru/ Name: xman_t
Value: 2pYuOG5pVDICl4qRVZkPsdDsw2k6HenqCen0dGh4jytHursNguTRqvgc0di9/l1O
.aliexpress.ru/ Name: xman_f
Value: cNvQi1h5/QLCNelA/1AXnTp1D8cyIKSXKjLovKD2WwKBqNsPcNG/xjn66W8Eu6AX
.aliexpress.com/ Name: isg
Value: BH19CFhTxzjsYWPUaO2URvkVjNB3GrFswEelDT_CuVQDdp2oB2rBPEskILIwbckk

1 Console Messages

Source Level URL
Text
rendering warning URL: https://corebook.com.ng/site-category.html?to-page=NorthWest(Line 2)
Message:
The value "device-w­idth" for key "width" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a11ybar.com
aino7.sbs
api.sonetel.com
assets.anytrack.io
best.aliexpress.com
beta-api.sonetel.com
corebook.com.ng
counter.jdi5.com
fastcdn.jdi5.com
imgcdn1.jdi5.com
kizpush.xyz
korfo.org
nethcdn.com
okbackpage.000webhostapp.com
powered-by-revidy.com
region1.analytics.google.com
region1.google-analytics.com
s.click.aliexpress.com
s04.flagcounter.com
s10.histats.com
s4.histats.com
sdk.bitlabs.ai
sstatic1.histats.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
t1.anytrack.io
tinyfast.xyz
widget.sonetel.com
widget.trustpilot.com
www.google-analytics.com
www.google.nl
www.googletagmanager.com
104.18.10.207
13.224.189.93
142.132.202.70
142.250.185.136
142.250.185.174
149.56.240.129
149.56.240.27
172.67.136.238
172.67.165.78
172.67.203.105
184.30.210.6
188.114.96.3
188.114.97.3
2001:4860:4802:34::36
206.221.176.133
216.239.32.36
2600:9000:235a:b600:9:402a:cb40:93a1
2606:4700:10::6814:1347
2620:1ec:bdf::42
2a00:1450:4001:813::2008
2a00:1450:4001:828::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9c
2a02:4780:dead:2329::1
2a05:d018:ce9:9501:2178:821f:375b:7d49
34.193.235.220
34.235.209.192
99.86.4.91
024567767cf06d1279bc0c4fa98581bf8ece442aef4700cd19e8eb3b4a9d522a
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
09d280002276d836563ce950ef3cea2ddc7f68161e4455b4e2faa61cf3aba00a
0e92ed473e3da5cbc3cc5222c6da4c793a2fecad429141f4f4340087bca4415e
11d11eae2d2466b644c84e47e5f787fd8374eddb70cc4af47d19539758783e3a
1f1406105e756f57e5840159f28263a7c4313c120e1054641b206b8b0b975519
249defcee01ed156870995dd6ba5505789f09cac8357a9d4ee71cef68a517bbd
27dc4af9cecaae0078063db7169e6637879233e7d397d5b9d5b3bef5e8ae1006
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
459d0490ce0fa6c3b59ad34d4d37c701dff345caec06da6689efc362465d6b92
4e70fd5c00483d52d860053590f49b91d23285c6f4339d017f18f2a6e252250d
649b0c90e11108e6ec5a259c9678798c930618453e47c822cdb538599655c4a5
668dbac92ab8c473fa075f36e9de7a2572e84ae0ab0c8a8c0357d1cb004b806f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
735cefd1d8fde7cc3e3944ec006e3794fca2a5328ebdfffa7be9935da19f4c38
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
925f6381642b7b34ee67b58ef970619095b30ad05d6f56910306c63086a5ace8
93759df90ec11726fc466db0a296ea6d5cd518af5c42bd5f1d126ee8b4761a37
94f541dbfdef1a8128c164c852a4d6e5e28c1802806c015d2039f1380cae9ce1
96f507050583d3131f9330f1aeba00c085fc035fdaedf3fc637a3bfd372a7359
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a58450475619d172d08c462c1a4e60bc40f79423ec659f4600f1a91ca73f57f2
ae723359f13e5593e4c492c99a8d4751a3349efc137fb3ea701a991c4867b242
b0c86e16eaecb725714a80cac40e005ab5f6b82dfdf329d051472b92a4c6091d
be3654296cd557c79589acb379b50b68eedae9e53a5dd5c0e47b6224c4984526
d5889821be8a859f10daca77e9c986c17dddde39ced0c9d0b6466808d00fbbad
d75d8cba53a456fe9ac1577a32667d47310acf9bc77c155270d7f441311c012b
da5075f0faf668a23e97a93a4fd30d91c087c5075b82ab061a2a57e8593cee94
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfe4146c226afab7a30c7dfa36827f2572a708f1fc96c8fa9247910c5005088c
e27a09c377d9200d99411176d0b35da6ab1e8ed1325363c42fee62fc695bff3e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f38a4325353c83a4443bd29e4bb8de911441110851fc1f154e512b93c1ef584f
fa0ada4c394dd9161d2f5f51c025f412183cf1e574c752da932aad107ea655b7
fdffca9efbc674cbbd615558e409a379ef070708b2607ce45b1ee596be839282