Report - zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=m.luvmenow.com&geo=US&sub1=740&sub2=22515&clickid=63d93f669551f50001890823

Report Overview

Submitted URL
zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=m.luvmenow.com&geo=US&sub1=740&sub2=22515&clickid=63d93f669551f50001890823
IP
18.184.38.55
ASN
#16509 AMAZON-02
Submitted
2023-01-31 16:19:18
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
zzotrack.com	470411	2021-01-12T07:31:38Z	2023-03-13T06:42:54Z	481 B	835 B	18.184.38.55
naughty-hub.com	unknown	2021-05-26T15:34:25Z	2023-03-13T08:52:33Z	29 kB	950 kB	18.198.238.160
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.4 kB	8.9 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.149.242.38
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.7 kB	5.6 kB	142.250.74.131
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	372 B	21 kB	142.250.74.110
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	423 B	1.1 kB	216.58.211.4
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	441 B	166 kB	216.58.211.3
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	59 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.5 kB	64 kB	142.250.74.35
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	476 B	630 B	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-31 16:19:24	medium	Client IP	Internal IP	ET INFO DNS Query for Suspicious .icu Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoadedWrapper&render=explicit&hl=no	922 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoadedWrapper&render=explicit&hl=no IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:18:33 Last Seen2023-03-13 13:41:21 Times Seen1 Hash eca20d879cae88688c26323810a5e446 93fba19a4bc335d5e1fd45319572fa78fccebbe7 a6aeb59a6bc695f9ec555e9bba4023af2b8911d3320847c59192a7b95d2129c1 Loading...

	www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__no.js	413 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__no.js IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:18:33 Last Seen2023-03-13 13:41:21 Times Seen1 Hash 68d554e52ab1df089963ca05592d5a7f 00f932588e4ff6b4b957e69062464f5d723bb9a5 a01919a4431b1268e6cd61dec2d810d90a807ce2632f5f3d9c0aac44e5378021 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LeRwDIbAAAAAAQ8oCQFwX33wNY4sB9csAaoxZCM&co=aHR0cHM6Ly9uYXVnaHR5LWh1Yi5jb206NDQz&hl=no&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=qr4vxog2m1bh	69 B	2023-03-07	2024-05-04
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LeRwDIbAAAAAAQ8oCQFwX33wNY4sB9csAaoxZCM&co=aHR0cHM6Ly9uYXVnaHR5LWh1Yi5jb206NDQz&hl=no&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=qr4vxog2m1bh IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-04 20:52:56 Times Seen100745 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LeRwDIbAAAAAAQ8oCQFwX33wNY4sB9csAaoxZCM&co=aHR0cHM6Ly9uYXVnaHR5LWh1Yi5jb206NDQz&hl=no&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=qr4vxog2m1bh	36 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LeRwDIbAAAAAAQ8oCQFwX33wNY4sB9csAaoxZCM&co=aHR0cHM6Ly9uYXVnaHR5LWh1Yi5jb206NDQz&hl=no&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=qr4vxog2m1bh IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:26:19 Last Seen2023-03-13 13:26:19 Times Seen1 Hash fde44ad622cb8d6bd31c479511875422 d16ef4a9459a09bc6e1f9c1325d804c6e9c3e798 7e74740a3d4e37e09c5f788ee915626f5f6d9c0a93b3f14b176396e12723a080 Loading...

	www.google.com/recaptcha/api2/bframe?hl=no&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LeRwDIbAAAAAAQ8oCQFwX33wNY4sB9csAaoxZCM	178 B	2023-03-09	2023-03-14
Pretty URL www.google.com/recaptcha/api2/bframe?hl=no&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LeRwDIbAAAAAAQ8oCQFwX33wNY4sB9csAaoxZCM IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:32:30 Last Seen2023-03-14 19:40:20 Times Seen1 Hash 961a3bd2fc8bda5dac75fda266158260 58dda122705284d4e18e0c46221c09d48278bd19 2d826f56b4d33671bdef9abc62b3bf63f66e398a83c213482ae50d070e57e197 Loading...

	naughty-hub.com/#/adv/HYC66?cid=w5hqn55njgght0am2o02ldc8&source=ff5c1bc0-53f1-4573-8083-234256664f4d&subsource=10_US	358 B	2023-03-07	2023-04-05
Pretty URL naughty-hub.com/#/adv/HYC66?cid=w5hqn55njgght0am2o02ldc8&source=ff5c1bc0-53f1-4573-8083-234256664f4d&subsource=10_US IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:43 Last Seen2023-04-05 02:10:54 Times Seen11 Hash 131bb765995f8d2eadc012fa4d0fdcf9 4500e8ab18ced884e95dfa3c7061d682641ad6f9 160736557ccb795ecf84fc9d5a7ee1394119fe9e58e271de50357a6818cea991 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0f48fd78a406eb6667e584168b0784c1	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:53:05 Last Seen2023-03-13 16:32:37 Times Seen1 Hash 0f48fd78a406eb6667e584168b0784c1 37743d32242a67dadfb76d656dd47018fa6e7391 0af0cb21968fe023d8ea63ee97d9b7172bb86ffeab2023aa51326d793e379a00 Loading...

	#2 Eval - 53c0880f8f32160b9d3b7cfd1ed057ed	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:53:05 Last Seen2023-03-13 16:32:37 Times Seen1 Hash 53c0880f8f32160b9d3b7cfd1ed057ed cf64a8578aac0cdbef32ee14885a2b2b68984ecc e62188d211f8522a0d02bbc2b5e8fea05d32dd1b03c4602c86673da2007d97dd Loading...

	#3 Eval - dc0c1d1ae1789271f3d76661e40eba86	64 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:53:05 Last Seen2023-03-13 16:32:37 Times Seen1 Hash dc0c1d1ae1789271f3d76661e40eba86 93d5679b5163dfbc63bbe3e2296d250a4221a62c 2c6fcc10d170735ea0103cebd297129fae592327ed69dbf1773991fe63c4d8d0 Loading...

	#4 Eval - e063d1953a17069ad02dbf986818b8dc	16 kB	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:53:05 Last Seen2023-03-13 16:32:37 Times Seen1 Hash e063d1953a17069ad02dbf986818b8dc 8abad2ce510b756a3ef25bd9298fe29c268e9eee d90538b891b0faa88bb08314660918942260c2ace5720f0bb44498bd13171c76 Loading...

	#5 Eval - 9940e8c2596ac60683e0d32592fd210f	16 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 13:26:19 Last Seen2023-03-13 13:26:19 Times Seen1 Hash 9940e8c2596ac60683e0d32592fd210f 8d1b08bb7ab29e556fe22b0ae466640adba88a72 0c120daaa263b63a024ddfe15be9f189bed4d3f489b9b3ff984b01b290651bd2 Loading...

	#6 Eval - 31a155e33b25f9e42fcfd139dded2c62	1.6 kB	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 13:26:19 Last Seen2023-03-14 05:45:37 Times Seen1 Hash 31a155e33b25f9e42fcfd139dded2c62 3211a4fa0f43b1985d9ef2d770b9d9ff2844955c d349a631d72f77e40c6555510f73e5c19d5ea9542c3e1f0d8c5c360d153661bb Loading...

	#7 Eval - 9dd98cbb6ad14c3cdae1f8e3d51104fe	16 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 12:58:10 Last Seen2023-03-13 13:26:19 Times Seen1 Hash 9dd98cbb6ad14c3cdae1f8e3d51104fe c5a0d907ca8afb8f98d97487d2710d1bcd2e9cb1 ed46665103ed939b1f470af4fd6c9716099b0b18076889bf675ab8f16b43b7ea Loading...

HTTP Transactions (66)

	URL	IP	Response	Size
	zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=m.luvmenow.com&geo=US&sub1=740&sub2=22515&clickid=63d93f669551f50001890823	18.184.38.55	302	0 B
URL HTTP/1.1 zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=m.luvmenow.com&geo=US&sub1=740&sub2=22515&clickid=63d93f669551f50001890823 IP 18.184.38.55:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=m.luvmenow.com&geo=US&sub1=740&sub2=22515&clickid=63d93f669551f50001890823 HTTP/1.1 Host: zzotrack.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 302 Server: nginx Date: Tue, 31 Jan 2023 16:19:07 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: https://naughty-hub.com/#/adv/HYC66?cid=w5hqn55njgght0am2o02ldc8&source=ff5c1bc0-53f1-4573-8083-234256664f4d&subsource=10_US Pragma: no-cache Set-Cookie: ff5c1bc0-53f1-4573-8083-234256664f4d-v4=40mLKDYPwIGiDnFBg7KSKaRdYcdrZCww4hax6V0cnAU; Max-Age=86400; Expires=Wed, 01-Feb-2023 16:19:07 GMT; Domain=zzotrack.com; Path=/; HttpOnly cc-v4=KTU%2Fwn%2Fx%2BKjFEMbII%2BZEvb9Ljpx%2Bt8q1qxeqa2NIsS7esJKst3zg47P0%2FmDqlWwZ051Mc1NHP8ZgP8eCjnA90VJxiTGnUAOizrPS4VE2txSd%2FuJrj9jH%2F%2BOeM5Rk7GAPR2dxSC%2FSZ7MO8V3o9uzdiQ%3D%3D; Max-Age=31536000; Expires=Wed, 31-Jan-2024 16:19:07 GMT; Domain=zzotrack.com; Path=/; HttpOnly

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d2e72d45afe3d391c204b5391599607c 149d68b9d00a720b6f380fa2324779dca9dbe26d f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15169 Expires: Tue, 31 Jan 2023 20:31:56 GMT Date: Tue, 31 Jan 2023 16:19:07 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 0c35c3ec659d3a26ea97e68d787bb043 d97e3672244efec5b7814f2d8a734cd1a9387854 4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2656 Expires: Tue, 31 Jan 2023 17:03:23 GMT Date: Tue, 31 Jan 2023 16:19:07 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 31 Jan 2023 15:43:17 GMT content-type: application/json age: 2150 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 09ee4b0fe6cf4ca5ed31b24452338d00 7e62b6e20f0d4737f4a8d94f9818a0883027839e 56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6883 Expires: Tue, 31 Jan 2023 18:13:50 GMT Date: Tue, 31 Jan 2023 16:19:07 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: nKdvxGpfeF/qZIZol0AbrgnmDL1BWg+O6nrLCuhx9Rf9qZvTzi22HBCVTR0VeSwm/D90P2qGWdK1riw8VILf4Q== x-amz-request-id: 90D7WQZJ7E0RDRSW content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 31 Jan 2023 15:51:13 GMT age: 1674 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 72b1c87a22beb40af2f0f6b7e16fb9df 2917b899f0db186ce90bc798840aaeada38149c2 ad54ee7d782739760fef7999e58572624cc63ce13b392c91a41ff568399a81bf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "AD54EE7D782739760FEF7999E58572624CC63CE13B392C91A41FF568399A81BF" Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5745 Expires: Tue, 31 Jan 2023 17:54:52 GMT Date: Tue, 31 Jan 2023 16:19:07 GMT Connection: keep-alive`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 31 Jan 2023 16:19:07 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	naughty-hub.com/	18.198.238.160	200 OK	684 B
URL HTTP/1.1 naughty-hub.com/ IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 684 B (684 bytes) Hash 017f44e6e86cc16956462842973b086f a52a4a2c66dab80064f9b045ecc35f4084a5d49b 5cd84c5a77aecf53b95cf4812ec32f83746ae7d9c014122d6cc996962056c98f HTTP Headers `GET / HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:07 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Cache-Control: no-store Link: <https://www.gstatic.com>; rel=preconnect; crossorigin, <https://www.google.com>; rel=preconnect; crossorigin, <https://www.google-analytics.com>; rel=preconnect; crossorigin X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/app/css/bundle.min.css?46	18.198.238.160	200 OK	101 kB
URL HTTP/1.1 naughty-hub.com/app/css/bundle.min.css?46 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (51928) Size 101 kB (101109 bytes) Hash ef21bb91a0f95762088f2270691f6bca 6bd382b1ae7fa30502962879d5018c3c208964d6 9a650ec1d16510bba4136e6695cf057294be9060c80e179dfeeabee430c3801c HTTP Headers `GET /app/css/bundle.min.css?46 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:07 GMT Content-Type: text/css Last-Modified: Tue, 24 Jan 2023 12:29:02 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"63cfcf0e-e02d7" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/app/app.min.js?46	18.198.238.160	200 OK	565 kB
URL HTTP/1.1 naughty-hub.com/app/app.min.js?46 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (32035) Size 565 kB (564878 bytes) Hash 8fe949dc58d12a073bbc3c157c116115 13e16cee87877f9df8bcffed967cde602ad52707 f1ef77728c97eda0ba472ad4ada244bf41be1b20a428c2f3ceac2d095b4d7c07 HTTP Headers `GET /app/app.min.js?46 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:07 GMT Content-Type: application/javascript Last-Modified: Tue, 24 Jan 2023 12:29:02 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"63cfcf0e-22c4a2" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 31 Jan 2023 15:41:42 GMT age: 2245 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	naughty-hub.com/app/fonts/proximanova-regular-webfont.woff2	18.198.238.160	200 OK	35 kB
URL HTTP/1.1 naughty-hub.com/app/fonts/proximanova-regular-webfont.woff2 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 34889, version 3.327\012- data Size 35 kB (34889 bytes) Hash 956599cecc8b2be8f010fec90b86283c a87d277eee06a0fa77db95fd5dc655c0e886a912 ce0aeeb05f9b23bafb4819167c2eff482f5ce443e613cf5bf60b46d20090404b HTTP Headers `GET /app/fonts/proximanova-regular-webfont.woff2 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://naughty-hub.com/app/css/bundle.min.css?46 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:07 GMT Content-Type: font/woff2 Content-Length: 34889 Last-Modified: Tue, 15 Jun 2021 11:52:17 GMT Connection: keep-alive ETag: "60c89471-8849" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a 86f640e134a741a0f906a8e3a0f5c6659dd0e394 a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E" Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12647 Expires: Tue, 31 Jan 2023 19:49:55 GMT Date: Tue, 31 Jan 2023 16:19:08 GMT Connection: keep-alive`

	naughty-hub.com/api/settings/global?t=1675181965784	18.198.238.160	200 OK	672 B
URL HTTP/1.1 naughty-hub.com/api/settings/global?t=1675181965784 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1203), with no line terminators Size 672 B (672 bytes) Hash f5fa6716a3747f3ec3f834981bddcd87 0749dab4f444ab75794a822f8a752a81d120333b 664ce789818f215346a5bc63d0e174cf66ccc733beee52042f5b3bac8ac012d7 HTTP Headers `GET /api/settings/global?t=1675181965784 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/app/icons/57x57.png	18.198.238.160	200 OK	501 B
URL HTTP/1.1 naughty-hub.com/app/icons/57x57.png IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type PNG image data, 58 x 57, 8-bit/color RGBA, non-interlaced\012- data Size 501 B (501 bytes) Hash 80c8a8a790cd05af535cd8e6091a3346 3f10ca73f95e6d4c22e91adecdcf1c7292ed7dd2 cf3977fe39f74fb664f6433f7bd41d79c92ff765ef8f8a57a69913af3d4a6a71 HTTP Headers `GET /app/icons/57x57.png HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: image/png Content-Length: 501 Last-Modified: Thu, 01 Sep 2022 09:52:48 GMT Connection: keep-alive ETag: "631080f0-1f5" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	naughty-hub.com/app/icons/144x144.png	18.198.238.160	200 OK	873 B
URL HTTP/1.1 naughty-hub.com/app/icons/144x144.png IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type PNG image data, 145 x 144, 8-bit/color RGBA, non-interlaced\012- data Size 873 B (873 bytes) Hash ce4be90699bb55414d8b851294954e19 176b89110cae67feb767a2b957fe71909684575d 75326428d53d1ec277681154f1fe36bee0af927a38a24306c0bae09b552ca86e HTTP Headers `GET /app/icons/144x144.png HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: image/png Content-Length: 873 Last-Modified: Thu, 01 Sep 2022 09:52:48 GMT Connection: keep-alive ETag: "631080f0-369" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	naughty-hub.com/app/adv/index2.html	18.198.238.160	200 OK	149 B
URL HTTP/1.1 naughty-hub.com/app/adv/index2.html IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type ASCII text Size 149 B (149 bytes) Hash cc468f7f69a9398e9d0ae5877dab035f 7fa60518571c1ab6ef7bfc37248e28c288591588 8ca0768db4e4a7ea7137f45ad95fc2b0b7bd4a66104650b4a4fe6a74ac3c9aa1 HTTP Headers `GET /app/adv/index2.html HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: text/html Content-Length: 149 Last-Modified: Tue, 15 Jun 2021 11:52:17 GMT Connection: keep-alive ETag: "60c89471-95" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash d81f874741beb45c89de8bb5c6de438e a251ab903e654953631d84721479bbae55aa5cdf ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 16:19:08 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google-analytics.com/analytics.js	142.250.74.110	200 OK	20 kB
URL HTTP/2 www.google-analytics.com/analytics.js IP 142.250.74.110:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1490) Size 20 kB (20085 bytes) Hash ca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db HTTP Headers `GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20085 date: Tue, 31 Jan 2023 15:46:59 GMT expires: Tue, 31 Jan 2023 17:46:59 GMT cache-control: public, max-age=7200 age: 1929 last-modified: Tue, 10 Jan 2023 21:29:14 GMT content-type: text/javascript alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	push.services.mozilla.com/	54.149.242.38	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.149.242.38:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: s3PKD8u5eHrJoAuNc9mDKA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: IwIbl/gLY7MooCizHgZVsHeUdJQ=`

	naughty-hub.com/api/auth/adv-page	18.198.238.160	200 OK	102 B
URL HTTP/1.1 naughty-hub.com/api/auth/adv-page IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with no line terminators Size 102 B (102 bytes) Hash 098d2ba265aaa9d8815bb0b0099e9f07 6a4792e1d59b07f43caa147e7d8a750dea9e35db 207fdd2f3b6e13039ddb677ff5a791840da6d781ff0eee217c3a96b62e0fd1de HTTP Headers `POST /api/auth/adv-page HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 18 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: application/json; charset=utf-8 Content-Length: 102 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash d81f874741beb45c89de8bb5c6de438e a251ab903e654953631d84721479bbae55aa5cdf ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 16:19:08 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	naughty-hub.com/app/fonts/proximanova-light-webfont.woff2	18.198.238.160	200 OK	35 kB
URL HTTP/1.1 naughty-hub.com/app/fonts/proximanova-light-webfont.woff2 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 34893, version 3.327\012- data Size 35 kB (34893 bytes) Hash 8663158e9d91a253b64f1fde77e57dc0 010aa78b26a3834cd0125e8b3537b4d3b1429bf2 bfd4d65d15394e9768192fd83f1ced5c3819fd6c282b457f9dd49f2f2f67c7ba HTTP Headers `GET /app/fonts/proximanova-light-webfont.woff2 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://naughty-hub.com/app/css/bundle.min.css?46 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: font/woff2 Content-Length: 34893 Last-Modified: Tue, 15 Jun 2021 11:52:17 GMT Connection: keep-alive ETag: "60c89471-884d" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	naughty-hub.com/api/auth/check/HYC38	18.198.238.160	200 OK	17 B
URL HTTP/1.1 naughty-hub.com/api/auth/check/HYC38 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with no line terminators Size 17 B (17 bytes) Hash c0a4229f65148628b26e451304ddac68 50855475058d6ab5f50fd9a4d3aa24c8431ba52f 06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03 HTTP Headers POST /api/auth/check/HYC38 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 135 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: application/json; charset=utf-8 Content-Length: 17 Connection: keep-alive Set-Cookie: glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; Max-Age=315360000; Path=/; Expires=Fri, 28 Jan 2033 16:19:08 GMT; HttpOnly; Secure; SameSite=None plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; Max-Age=315360000; Path=/; Expires=Fri, 28 Jan 2033 16:19:08 GMT; HttpOnly; Secure; SameSite=None clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk; Max-Age=86400; Path=/; Expires=Wed, 01 Feb 2023 16:19:08 GMT; HttpOnly; Secure; SameSite=None X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	naughty-hub.com/api/auth/load-ui-lang-overrides/HYC38	18.198.238.160	200 OK	16 B
URL HTTP/1.1 naughty-hub.com/api/auth/load-ui-lang-overrides/HYC38 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with no line terminators Size 16 B (16 bytes) Hash 7363e85fe9edee6f053a4b319588c086 a15e2127145548437173fc17f3e980e3f3dee2d0 c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 HTTP Headers POST /api/auth/load-ui-lang-overrides/HYC38 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 2 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: application/json; charset=utf-8 Content-Length: 16 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	naughty-hub.com/api/auth/adv-page	18.198.238.160	200 OK	102 B
URL HTTP/1.1 naughty-hub.com/api/auth/adv-page IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with no line terminators Size 102 B (102 bytes) Hash 098d2ba265aaa9d8815bb0b0099e9f07 6a4792e1d59b07f43caa147e7d8a750dea9e35db 207fdd2f3b6e13039ddb677ff5a791840da6d781ff0eee217c3a96b62e0fd1de HTTP Headers POST /api/auth/adv-page HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 18 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: application/json; charset=utf-8 Content-Length: 102 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	naughty-hub.com/app/adv/pages/uUdY0SOUs/translations.json?t=1675181966116	18.198.238.160	200 OK	1.4 kB
URL HTTP/1.1 naughty-hub.com/app/adv/pages/uUdY0SOUs/translations.json?t=1675181966116 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators Size 1.4 kB (1425 bytes) Hash c9d87cf1719fbd1e28682ba4141bc5ec d7df615b0488c1ce25fe3a9e61806e545c75534d dca7b4de220fa3f6d424e03ad81198a34898c2035fc7a11194a9f421dbe3c4f4 HTTP Headers GET /app/adv/pages/uUdY0SOUs/translations.json?t=1675181966116 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: application/json Last-Modified: Tue, 14 Dec 2021 16:43:46 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"61b8c9c2-f4e" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/api/auth/my-country	18.198.238.160	200 OK	4 B
URL HTTP/1.1 naughty-hub.com/api/auth/my-country IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type ASCII text, with no line terminators Size 4 B (4 bytes) Hash e053b472d8c218cfc5d7343f16149bfe 7d8d3d93f7dde8cbff976bfb5b40dc01c9cbd462 8715f26d0d6e170f900e60938fedd70eb9b8b227166bb66a99ace161a7f936bf HTTP Headers POST /api/auth/my-country HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 2 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: application/json; charset=utf-8 Content-Length: 4 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	naughty-hub.com/api/profile/public/countries/en	18.198.238.160	200 OK	5.9 kB
URL HTTP/1.1 naughty-hub.com/api/profile/public/countries/en IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (28494), with no line terminators Size 5.9 kB (5899 bytes) Hash 4b17f4ec65920daf9aa079850c0ff271 62795a5fb6429fe7b04e8cec83923115d7753d8e 950b79da237d196250a0978b75432aea043cead53295f0af0eaabc36143c4988 HTTP Headers POST /api/profile/public/countries/en HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 2 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/locale/no?t=1675181966159	18.198.238.160	200 OK	20 kB
URL HTTP/1.1 naughty-hub.com/locale/no?t=1675181966159 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (63484), with no line terminators Size 20 kB (20495 bytes) Hash e33161a59c2faedbf23ad3fc41936f98 adf3a74efe2f8433847588eec74f85382bf32ca3 2b1404e0a2bc8a38e6284cf91ffda046047202b69d8105805ac939d1c5fb1d91 HTTP Headers GET /locale/no?t=1675181966159 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/api/settings/landing-texts	18.198.238.160	200 OK	0 B
URL HTTP/1.1 naughty-hub.com/api/settings/landing-texts IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /api/settings/landing-texts HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 16 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: application/json; charset=utf-8 Content-Length: 0 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 2ac1bcdceabf1fc4e07017906aa8a815 ba00b737325fc50b35af8d851ced0fe13d1cba22 c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 16:19:08 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoadedWrapper&render=explicit&hl=no	216.58.211.4	200 OK	585 B
URL HTTP/2 www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoadedWrapper&render=explicit&hl=no IP 216.58.211.4:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (922), with no line terminators Size 585 B (585 bytes) Hash ef3f9c2e8707b90cc3837503aab7a3dc 0c0c22f3ad3547984cd4fe3d88a4147da868a196 a0d216285fcaa89257b1ab0813f75c866ab8e025bee6b3aad792478752d40e2e HTTP Headers `GET /recaptcha/api.js?onload=vcRecaptchaApiLoadedWrapper&render=explicit&hl=no HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK expires: Tue, 31 Jan 2023 16:19:08 GMT date: Tue, 31 Jan 2023 16:19:08 GMT cache-control: private, max-age=300 content-type: text/javascript; charset=UTF-8 cross-origin-resource-policy: cross-origin content-encoding: gzip x-content-type-options: nosniff x-frame-options: SAMEORIGIN content-security-policy: frame-ancestors 'self' x-xss-protection: 1; mode=block content-length: 585 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	naughty-hub.com/api/profile/public/countries/no	18.198.238.160	200 OK	5.9 kB
URL HTTP/1.1 naughty-hub.com/api/profile/public/countries/no IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (28485), with no line terminators Size 5.9 kB (5915 bytes) Hash e07ea037d696cf7def0e6f42336993c6 5e1f5edb1a4590691d45fe756774a8faed45e3f4 512ce6a4777634f56cbb13540f3fbe3a6d010895738494e1d359b08bebc0eace HTTP Headers POST /api/profile/public/countries/no HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 2 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/api/profile/public/selections	18.198.238.160	200 OK	4.1 kB
URL HTTP/1.1 naughty-hub.com/api/profile/public/selections IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (24509), with no line terminators Size 4.1 kB (4074 bytes) Hash 9b550b038fa81f08b6ca542e3b04b747 4839381325d1e037c1d8f9f210a5adaa967f82d2 cd38ade91e46222e79f5087250a04f33586e6dd79602de6f7e50fd7a09d53842 HTTP Headers POST /api/profile/public/selections HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 38 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash e0bc98d03057dabba1334b62bea0975b b358a8123908fe4b1c94a1273cac45c4e23b212e 10ef320ba825ca0e17d039b66fd2f321f4d2c687a8734d226fa25e9b45e109d9 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 16:19:08 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	naughty-hub.com/app/adv/pages/uUdY0SOUs/index.html?t=1675181966252	18.198.238.160	200 OK	3.4 kB
URL HTTP/1.1 naughty-hub.com/app/adv/pages/uUdY0SOUs/index.html?t=1675181966252 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type HTML document, Unicode text, UTF-8 text, with very long lines (310), with CRLF line terminators Size 3.4 kB (3449 bytes) Hash 03d479a50754ac894abc9925d8063855 0bdef7b6722dbd46eb16d48165a3cdbbe301a36c c19139136891d2bf9e822f5ff33be2b22fe13b0fc9ab28a18e0d1a12aacd1917 HTTP Headers GET /app/adv/pages/uUdY0SOUs/index.html?t=1675181966252 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: text/html Last-Modified: Tue, 14 Dec 2021 16:43:46 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"61b8c9c2-4531" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/api/profile/public/get-offer-urls	18.198.238.160	200 OK	392 B
URL HTTP/1.1 naughty-hub.com/api/profile/public/get-offer-urls IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with very long lines (392), with no line terminators Size 392 B (392 bytes) Hash 2548926a2e9e582f36b26821129c940e 2153f3e24cca91b82e834d4992701a492b764a21 93abeb1ce24263a3ebc444d7aea7a8ceb623282bfff132eb0a149135abb3c606 HTTP Headers POST /api/profile/public/get-offer-urls HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 86 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: application/json; charset=utf-8 Content-Length: 392 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash f075625a67cefc01c034a3c732ec8023 c3ef563fbf1cf30f75fc931f82426a0f859ccb6d 75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 16:19:08 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__no.js	216.58.211.3	200 OK	165 kB
URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__no.js IP 216.58.211.3:0 ASN #15169 GOOGLE File type HTML document, ASCII text, with very long lines (658) Size 165 kB (164664 bytes) Hash b7e279966138ec75e847a79be35bc2a1 a67b7c6873b1e9774a962c60ce899f74316534fc 007328612131f74223d1a10be1acc0c147048c989a3ce7fa131a045f340a4771 HTTP Headers `GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__no.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 164664 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 28 Jan 2023 09:44:06 GMT expires: Sun, 28 Jan 2024 09:44:06 GMT cache-control: public, max-age=31536000 last-modified: Mon, 23 Jan 2023 01:02:00 GMT content-type: text/javascript age: 282902 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 40bac282ee9730b7a7fde839fcf58736 be00063ec5c760560f34663d0a6a9cad87cfebe4 45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 16:19:08 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	naughty-hub.com/api/auth/my-location	18.198.238.160	200 OK	51 B
URL HTTP/1.1 naughty-hub.com/api/auth/my-location IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with no line terminators Size 51 B (51 bytes) Hash 1f3d00cb02ae605e15035d384130a56f ebfaae01250bc079698f19e648cbd6cb1c8d5392 09de7fa42b0fb515b2659e6b351ac5866fe967ed80dc5b72c94dd9613f46abe6 HTTP Headers POST /api/auth/my-location HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 2 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: application/json; charset=utf-8 Content-Length: 51 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 789b41f1f8027d4275a66ac9cb2f124d c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79 e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 16:19:08 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 40bac282ee9730b7a7fde839fcf58736 be00063ec5c760560f34663d0a6a9cad87cfebe4 45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 16:19:08 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	naughty-hub.com/app/icons/flags/%7B%7Bvm.profile.country%7D%7D.png	18.198.238.160	404 Not Found	162 B
URL HTTP/1.1 naughty-hub.com/app/icons/flags/%7B%7Bvm.profile.country%7D%7D.png IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 162 B (162 bytes) Hash 70461da8b94c6ca5d2fda3260c5a8c3b 994bc667720c21257500e29038c1a5f61e25da1e f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee HTTP Headers GET /app/icons/flags/%7B%7Bvm.profile.country%7D%7D.png HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 404 Not Found Server: nginx Date: Tue, 31 Jan 2023 16:19:08 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive`

	naughty-hub.com/app/icons/flags/NO.png	18.198.238.160	200 OK	542 B
URL HTTP/1.1 naughty-hub.com/app/icons/flags/NO.png IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type PNG image data, 72 x 51, 8-bit/color RGBA, non-interlaced\012- data Size 542 B (542 bytes) Hash 4bcc0171d01b4e4d5a1d144290b937f4 59aca547a6631d6650ea22631dfb5ae20d663a2b 70d1f2a462a0cf7fb12c802fc0fbae8b9cb313e011f9d185d3b08aef1dd66bd6 HTTP Headers GET /app/icons/flags/NO.png HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:09 GMT Content-Type: image/png Content-Length: 542 Last-Modified: Tue, 15 Jun 2021 11:52:17 GMT Connection: keep-alive ETag: "60c89471-21e" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	naughty-hub.com/app/img2/logo-dark-background/landing.png?b=46	18.198.238.160	200 OK	1.3 kB
URL HTTP/1.1 naughty-hub.com/app/img2/logo-dark-background/landing.png?b=46 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type PNG image data, 288 x 73, 8-bit/color RGBA, non-interlaced\012- data Size 1.3 kB (1320 bytes) Hash dec82d6c7d33cf372e3c4b9a3414af35 02055f6ace569e70b40c6afd7b61a0642f070849 ae8278f34f3cc0406a1a0d8620e2a5ce6e1b15a81ff5b02e022b37841efeaeee HTTP Headers GET /app/img2/logo-dark-background/landing.png?b=46 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/app/css/bundle.min.css?46 Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:09 GMT Content-Type: image/png Content-Length: 1320 Last-Modified: Thu, 01 Sep 2022 09:52:48 GMT Connection: keep-alive ETag: "631080f0-528" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	naughty-hub.com/app/fonts/proximanova-bold-webfont.woff2	18.198.238.160	200 OK	35 kB
URL HTTP/1.1 naughty-hub.com/app/fonts/proximanova-bold-webfont.woff2 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 34817, version 3.327\012- data Size 35 kB (34817 bytes) Hash 06e2b33c7a1ea2382d4b3d186a23064b 5bc4a79df42ce01df689f485505138a25e311b9e f2862e9eb293fe36d775b3e6aa801733d6c2d249ebdc7a92d433db94208839ea HTTP Headers GET /app/fonts/proximanova-bold-webfont.woff2 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://naughty-hub.com/app/css/bundle.min.css?46 Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:09 GMT Content-Type: font/woff2 Content-Length: 34817 Last-Modified: Tue, 15 Jun 2021 11:52:17 GMT Connection: keep-alive ETag: "60c89471-8801" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	naughty-hub.com/app/img2/sprite/sprite-x1.png?b=46	18.198.238.160	200 OK	111 kB
URL HTTP/1.1 naughty-hub.com/app/img2/sprite/sprite-x1.png?b=46 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type PNG image data, 2000 x 600, 8-bit/color RGBA, non-interlaced\012- data Size 111 kB (111440 bytes) Hash 18bed6ceffd07076124ed6f93f4db040 9be541c14a4b117d0953628a6eafa00ab2f286fc b5da7850a51b6fa030812d371151465465bd44a14fdc557eda784412126db129 HTTP Headers GET /app/img2/sprite/sprite-x1.png?b=46 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/app/css/bundle.min.css?46 Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Tue, 31 Jan 2023 16:19:09 GMT Content-Type: image/png Content-Length: 111440 Last-Modified: Tue, 15 Jun 2021 11:52:17 GMT Connection: keep-alive ETag: "60c89471-1b350" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2	142.250.74.35	200 OK	31 kB
URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Size 31 kB (30928 bytes) Hash ac0d2859ea5f8fd6bcb3c305c08ec184 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 HTTP Headers `GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://naughty-hub.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 30928 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 27 Jan 2023 07:08:09 GMT expires: Sat, 27 Jan 2024 07:08:09 GMT cache-control: public, max-age=31536000 age: 378660 last-modified: Mon, 11 Jul 2022 18:57:39 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8324 Expires: Tue, 31 Jan 2023 18:37:53 GMT Date: Tue, 31 Jan 2023 16:19:09 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8324 Expires: Tue, 31 Jan 2023 18:37:53 GMT Date: Tue, 31 Jan 2023 16:19:09 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8324 Expires: Tue, 31 Jan 2023 18:37:53 GMT Date: Tue, 31 Jan 2023 16:19:09 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8324 Expires: Tue, 31 Jan 2023 18:37:53 GMT Date: Tue, 31 Jan 2023 16:19:09 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8324 Expires: Tue, 31 Jan 2023 18:37:53 GMT Date: Tue, 31 Jan 2023 16:19:09 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg	34.120.237.76	200 OK	14 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 14 kB (13853 bytes) Hash d957012d3e2b8c3bc0eefe11d66e8554 1959fdd94846fa3791c4890578dd15336b909dcc a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13853 x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fk3zzF4hIAMFwWg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 21:48:17 GMT age: 66652 etag: "1959fdd94846fa3791c4890578dd15336b909dcc" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg	34.120.237.76	200 OK	8.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.6 kB (8558 bytes) Hash e6f9ffb8f9e99229b45ca5fdb84ce7d5 04577ad69ee9749b14382254eb5bbf0e1edcd7fa 6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8558 x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ffB_BFA8IAMFyvA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: R29JYq4Z8V_Xuq2no0bKxk1K6h2PmTO5OSxzMa4zppDVk3j9rO9aTw== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 03:24:36 GMT age: 46473 etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg	34.120.237.76	200 OK	5.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.9 kB (5903 bytes) Hash 42a648f9d34d8fb703f0b80a52e0deec 7ccefd66211d249ae5266c3b6ae3375a19e5cb6d a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5903 x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fboufGeSoAMF-1g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0 x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 21:03:25 GMT age: 69344 etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg	34.120.237.76	200 OK	7.3 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.3 kB (7333 bytes) Hash 01f406ed5d9b17a7aa00015301bddf94 d78e18830fc6cf231f66f95cc0e01520cfeebddf 33245ea764fb634a01ee9657e529a30567588ecbb10fc0e6499aac14cd21fe81 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7333 x-amzn-requestid: f03b3e95-5cc6-4749-83c2-d59d6fa9eb2b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fiVunGWXoAMFXyQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d7365d-40b9b11f3f33592829a98fbc;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 03:15:41 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: JAYN7gfwR0kEenTaM8mS_jGEYfwvcUGrjI_6wTb29wZfcLRuS2WHQA== via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 21:52:32 GMT age: 66397 etag: "d78e18830fc6cf231f66f95cc0e01520cfeebddf" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg	34.120.237.76	200 OK	6.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.8 kB (6844 bytes) Hash 976dda397f9292a498ca9db5599c0378 dad9e9c3462907a2475046aee36d57f8309cd44e 7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6844 x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: flZsxH0YIAMF9ew= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ== via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 01:42:39 GMT age: 52590 etag: "dad9e9c3462907a2475046aee36d57f8309cd44e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (9987 bytes) Hash 2c4934be94898028e2ab696561b51462 6cf734e2d29938688913daacfb75506d8e004a94 239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9987 x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: flYlPF9uIAMFXMg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w== via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 01:56:35 GMT age: 51754 etag: "6cf734e2d29938688913daacfb75506d8e004a94" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2	142.250.74.35	200 OK	15 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Size 15 kB (15344 bytes) Hash 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc HTTP Headers `GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15344 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 26 Jan 2023 21:48:03 GMT expires: Fri, 26 Jan 2024 21:48:03 GMT cache-control: public, max-age=31536000 age: 412266 last-modified: Mon, 16 Oct 2017 17:32:55 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2	142.250.74.35	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Size 16 kB (15552 bytes) Hash 285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 HTTP Headers `GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15552 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 26 Jan 2023 16:40:43 GMT expires: Fri, 26 Jan 2024 16:40:43 GMT cache-control: public, max-age=31536000 age: 430706 last-modified: Mon, 16 Oct 2017 17:33:02 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	naughty-hub.com/app/adv/pages/uUdY0SOUs/assets//landscape.mp4	18.198.238.160	206 Partial Content	0 B
URL HTTP/1.1 naughty-hub.com/app/adv/pages/uUdY0SOUs/assets//landscape.mp4 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers GET /app/adv/pages/uUdY0SOUs/assets//landscape.mp4 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.42977460.1675181966; _gid=GA1.2.2009461915.1675181966; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzUxODE5NDg1NDN9LCJpYXQiOjE2NzUxODE5NDgsImV4cCI6MTk5MDU0MTk0OCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.leJdZxAnBfejewLE-4BCNFNVHai05HdL5eZlFkiZPBY; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoidzVocW41NW5qZ2dodDBhbTJvMDJsZGM4Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.mCj6tPzgk3wQpX7yhU8_gv9pGQG_dB06h1hA0WhNoZk; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzM4IiwiaWF0IjoxNjc1MTgxOTQ4LCJleHAiOjE5OTA1NDE5NDgsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.UjHsdE7k29qLmBm0wjKp06RLqqHC6ZosUhj_Wta1EVk Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 206 Partial Content Server: nginx Date: Tue, 31 Jan 2023 16:19:09 GMT Content-Type: video/mp4 Content-Length: 15583566 Last-Modified: Tue, 14 Dec 2021 16:43:46 GMT Connection: keep-alive ETag: "61b8c9c2-edc94e" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Range: bytes 0-15583565/15583566

	fonts.googleapis.com/css?family=Montserrat:wght@100,200,400,500,600,700,900&family=Roboto:wght@300;400;500;700;900&display=swap	142.250.74.74	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:wght@100,200,400,500,600,700,900&family=Roboto:wght@300;400;500;700;900&display=swap IP 142.250.74.74:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Montserrat:wght@100,200,400,500,600,700,900&family=Roboto:wght@300;400;500;700;900&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 31 Jan 2023 16:19:08 GMT date: Tue, 31 Jan 2023 16:19:08 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations