Report - zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=tracking.t0r4.com&geo=US&sub1=1366&sub2=1373&clickid=63dfa2cf90228f0001e42a70

Report Overview

Submitted URL
zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=tracking.t0r4.com&geo=US&sub1=1366&sub2=1373&clickid=63dfa2cf90228f0001e42a70
IP
18.184.38.55
ASN
#16509 AMAZON-02
Submitted
2023-02-05 12:37:02
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	423 B	1.1 kB	142.250.74.164
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	441 B	166 kB	216.58.211.3
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	63 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.33.119.27
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
naughty-hub.com	unknown	2021-05-26T15:34:25Z	2023-03-13T08:52:33Z	39 kB	2.7 MB	18.198.238.160
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.4 kB	49 kB	142.250.74.35
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	372 B	21 kB	142.250.74.78
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.37.14.141
zzotrack.com	470411	2021-01-12T07:31:38Z	2023-03-13T06:42:54Z	484 B	819 B	18.184.38.55
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.7 kB	5.6 kB	216.58.211.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	395 B	630 B	142.250.74.74
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-05 12:37:29	medium	Client IP	Internal IP	ET INFO DNS Query for Suspicious .icu Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoadedWrapper&render=explicit&hl=no	922 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoadedWrapper&render=explicit&hl=no IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:37:03 Last Seen2023-03-13 20:42:50 Times Seen1 Hash b11abdd7fb07f924b3abfef47b978588 d13345d8a3adead001991d86f65c510fc8ce46aa 51d9490168fce4f1df5907a5f34535df1e4d4f81a983116256e1ad66a01626f1 Loading...

	www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__no.js	414 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__no.js IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:37:03 Last Seen2023-03-13 20:42:50 Times Seen1 Hash 5b6213c68f057c74e1df3b4dc3c239f4 e582a035adcb40093674a1ddb0d8dcd15a7a01b5 0c7ceee382b1bd35895184c9c50e7c310d19550bb2a251a1258a9594231915d0 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LeRwDIbAAAAAAQ8oCQFwX33wNY4sB9csAaoxZCM&co=aHR0cHM6Ly9uYXVnaHR5LWh1Yi5jb206NDQz&hl=no&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=xosnzukwpz65	69 B	2023-03-07	2024-04-26
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LeRwDIbAAAAAAQ8oCQFwX33wNY4sB9csAaoxZCM&co=aHR0cHM6Ly9uYXVnaHR5LWh1Yi5jb206NDQz&hl=no&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=xosnzukwpz65 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-26 04:41:24 Times Seen99537 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LeRwDIbAAAAAAQ8oCQFwX33wNY4sB9csAaoxZCM&co=aHR0cHM6Ly9uYXVnaHR5LWh1Yi5jb206NDQz&hl=no&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=xosnzukwpz65	36 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LeRwDIbAAAAAAQ8oCQFwX33wNY4sB9csAaoxZCM&co=aHR0cHM6Ly9uYXVnaHR5LWh1Yi5jb206NDQz&hl=no&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=xosnzukwpz65 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:37:58 Last Seen2023-03-13 17:37:58 Times Seen1 Hash 0405ca515f2dedec59a1c5e959048d51 5309bbb350227152ceabe22226132da3c6d08b2e 183c85ba11b31e457df0aff717e751c87def6ee26c7393e439cb9210843dcf51 Loading...

	www.google.com/recaptcha/api2/bframe?hl=no&v=gEr-ODersURoIfof1hiDm7R5&k=6LeRwDIbAAAAAAQ8oCQFwX33wNY4sB9csAaoxZCM	178 B	2023-03-09	2023-03-14
Pretty URL www.google.com/recaptcha/api2/bframe?hl=no&v=gEr-ODersURoIfof1hiDm7R5&k=6LeRwDIbAAAAAAQ8oCQFwX33wNY4sB9csAaoxZCM IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:32:30 Last Seen2023-03-14 19:40:20 Times Seen1 Hash 961a3bd2fc8bda5dac75fda266158260 58dda122705284d4e18e0c46221c09d48278bd19 2d826f56b4d33671bdef9abc62b3bf63f66e398a83c213482ae50d070e57e197 Loading...

	naughty-hub.com/#/adv/HYC66?cid=we5pukrli6vlvkdm2rta58p4&source=ff5c1bc0-53f1-4573-8083-234256664f4d&subsource=10_US	358 B	2023-03-07	2023-04-05
Pretty URL naughty-hub.com/#/adv/HYC66?cid=we5pukrli6vlvkdm2rta58p4&source=ff5c1bc0-53f1-4573-8083-234256664f4d&subsource=10_US IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:43 Last Seen2023-04-05 02:10:54 Times Seen11 Hash 131bb765995f8d2eadc012fa4d0fdcf9 4500e8ab18ced884e95dfa3c7061d682641ad6f9 160736557ccb795ecf84fc9d5a7ee1394119fe9e58e271de50357a6818cea991 Loading...

		Size	First Seen	Last Seen
	#1 Eval - afac4b57c3cf8874cf2351fce635a5a2	6.4 kB	2023-03-13	2023-03-29
Pretty Observations First Seen2023-03-13 13:41:21 Last Seen2023-03-29 21:48:24 Times Seen2 Hash afac4b57c3cf8874cf2351fce635a5a2 142003b0a65c2c43d63c7c0387e16d5859388d56 2b3ce7f667977b69602a081d9d4f8639269eceede7ac928b3be8053a725a9b91 Loading...

	#2 Eval - 54203d80fe39daeb129ac49dfa505647	62 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:06:48 Last Seen2023-03-14 07:43:08 Times Seen1 Hash 54203d80fe39daeb129ac49dfa505647 3afb4e397f319778b09eb79deb8fe5532db04f1e 0b0cbc8a00f6c0cd41604b5ab47421a48d6e68716c14d02fb593444c327540b0 Loading...

	#3 Eval - 4be4f679c48f13f3fed605d6f83486e1	17 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 17:37:58 Last Seen2023-03-13 17:37:58 Times Seen1 Hash 4be4f679c48f13f3fed605d6f83486e1 6e5af2cb703f08dedd4081e11e1b701cac370107 ff3698d32485ad0dfd5e220394e26477459dc185b4d491c3815a09f289433943 Loading...

	#4 Eval - b5c61f793566b8c202d085b2b08770ba	16 kB	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:06:48 Last Seen2023-03-14 07:43:08 Times Seen1 Hash b5c61f793566b8c202d085b2b08770ba 3ebd7972ef7c752f5e5ee50aad7f3e8f7cd6f56e a6226fffc806e7350700ded0d0fd6197209384c7e441e441c2d1aadd5213e295 Loading...

	#5 Eval - 7b2eafe88ff7e98cc36c5c04b4ca0b2b	22 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:06:48 Last Seen2023-03-14 07:43:08 Times Seen1 Hash 7b2eafe88ff7e98cc36c5c04b4ca0b2b e5eb03ff52599fd6e9dfc5df7a84a4200939aaca 9046ff9b2d9db3cff99ee5340d7ef7e5b46e26790abfe59db85edb95245d1c6b Loading...

	#6 Eval - 052726b041a406300a04e61daca56b78	16 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 17:37:58 Last Seen2023-03-13 17:37:58 Times Seen1 Hash 052726b041a406300a04e61daca56b78 4c47fd262d8d916a9e48d1d6fcd31ecf70dc5eaf c687e9c5367b8950f646791a9b91153218d016ab0b48ca272f96288d8155394a Loading...

	#7 Eval - eed16ff4b73849b2ea4fde6a4a10a729	22 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:06:48 Last Seen2023-03-14 07:43:08 Times Seen1 Hash eed16ff4b73849b2ea4fde6a4a10a729 9ba91162a36ca15781b19bfe8ae9a5e2df98d55b 971ac3be55ba44d48d62046dbf8373a0f48d762150a3d9e69744f95449a1911b Loading...

HTTP Transactions (73)

	URL	IP	Response	Size
	zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=tracking.t0r4.com&geo=US&sub1=1366&sub2=1373&clickid=63dfa2cf90228f0001e42a70	18.184.38.55	302	0 B
URL HTTP/1.1 zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=tracking.t0r4.com&geo=US&sub1=1366&sub2=1373&clickid=63dfa2cf90228f0001e42a70 IP 18.184.38.55:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=tracking.t0r4.com&geo=US&sub1=1366&sub2=1373&clickid=63dfa2cf90228f0001e42a70 HTTP/1.1 Host: zzotrack.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 302 Server: nginx Date: Sun, 05 Feb 2023 12:36:49 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: https://naughty-hub.com/#/adv/HYC66?cid=we5pukrli6vlvkdm2rta58p4&source=ff5c1bc0-53f1-4573-8083-234256664f4d&subsource=10_US Pragma: no-cache Set-Cookie: ff5c1bc0-53f1-4573-8083-234256664f4d-v4=tZPBuM5bMV_FxoN48_RKxTKpjfWjRppGs5n8qw7Lwjw; Max-Age=86400; Expires=Mon, 06-Feb-2023 12:36:49 GMT; Domain=zzotrack.com; Path=/; HttpOnly cc-v4=8C1WTqoqpb%2FkgZzLwThkvLzl49aAOAkoxZzYhQpkvNweZ1E1dxS%2BBeGwcfH4A7ZX2U6969aGgqtANWYtSTLrszSQMK7w0DurMlez61fDgDELoSFJBMRmgaDp7uWHOsYry0jQ4beb7mYfs1riGpAQaw%3D%3D; Max-Age=31536000; Expires=Mon, 05-Feb-2024 12:36:49 GMT; Domain=zzotrack.com; Path=/; HttpOnly

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c21ba65e44ac95470c314e068e49a9eb 17a13b13738993d889d4afa3d848dc63bf6eba64 9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66" Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8645 Expires: Sun, 05 Feb 2023 15:00:54 GMT Date: Sun, 05 Feb 2023 12:36:49 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1cdc095521e9ee2606059be447d1fdd5 02b5d0a5b5823e2338daf7e144700babe2a213af 8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5429 Expires: Sun, 05 Feb 2023 14:07:18 GMT Date: Sun, 05 Feb 2023 12:36:49 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 05 Feb 2023 12:33:54 GMT content-type: application/json age: 175 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash fb7b6b46e708ad73eaaa3c21e74569ae 950663c025acad81556af5aa3022ecc9d55097fe 763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64" Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16172 Expires: Sun, 05 Feb 2023 17:06:21 GMT Date: Sun, 05 Feb 2023 12:36:49 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: CqHMF9f5nioDYv6SYWIyHG4AK7WEyLFU6908FmHMNNVDPKy8p9syJSqJvQ6K38NJ3EWcbvX2EHs= x-amz-request-id: FNK5NKZ0WK48CCDM content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 05 Feb 2023 11:53:15 GMT age: 2614 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 12:36:49 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 70a37b3f725e5b78619f1b7809b0eae1 dc32e9f7754a5d3aec7663613e2d8af9fbf65a35 1a7d6d68e5683b7f88ec22c7dfe149f7614fd5395ca0e78b1b9d628c8e985150 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "1A7D6D68E5683B7F88EC22C7DFE149F7614FD5395CA0E78B1B9D628C8E985150" Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9337 Expires: Sun, 05 Feb 2023 15:12:26 GMT Date: Sun, 05 Feb 2023 12:36:49 GMT Connection: keep-alive`

	naughty-hub.com/	18.198.238.160	200 OK	684 B
URL HTTP/1.1 naughty-hub.com/ IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 684 B (684 bytes) Hash 12f764cd9f0e6a5e0ee92f85b0f3e296 4754a4b36dc4de00995bfaa4203ffbd7895a687d b0591e58806f408a72ff12daad9639078079f5810d359bdf1146731131cd0f1a HTTP Headers `GET / HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:50 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Cache-Control: no-store Link: <https://www.gstatic.com>; rel=preconnect; crossorigin, <https://www.google.com>; rel=preconnect; crossorigin, <https://www.google-analytics.com>; rel=preconnect; crossorigin X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/app/css/bundle.min.css?47	18.198.238.160	200 OK	102 kB
URL HTTP/1.1 naughty-hub.com/app/css/bundle.min.css?47 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (51928) Size 102 kB (101632 bytes) Hash b351f968554f4a7dfec47003ad7d2ad0 400d18d3ac205d1383defa98794bd32ec858cdfb 61f962d6b94aed667d461ce8acf1e53afbf2a5a92e83b2efc0ec2b906d43b425 HTTP Headers `GET /app/css/bundle.min.css?47 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:50 GMT Content-Type: text/css Last-Modified: Wed, 01 Feb 2023 10:10:29 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"63da3a95-e145a" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/app/app.min.js?47	18.198.238.160	200 OK	564 kB
URL HTTP/1.1 naughty-hub.com/app/app.min.js?47 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (32035) Size 564 kB (564542 bytes) Hash abcdceda0ef28e12848a3c1f62b75447 f8acd33423ffd629d2d8863fadc7446f54480a48 bef420392d1cca76d82fab381ae8117dc36d8a6b74b48b76ef198b86a4395982 HTTP Headers `GET /app/app.min.js?47 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:50 GMT Content-Type: application/javascript Last-Modified: Wed, 01 Feb 2023 10:10:29 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"63da3a95-22bfc5" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 05 Feb 2023 11:49:07 GMT age: 2863 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	naughty-hub.com/app/fonts/proximanova-regular-webfont.woff2	18.198.238.160	200 OK	35 kB
URL HTTP/1.1 naughty-hub.com/app/fonts/proximanova-regular-webfont.woff2 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 34889, version 3.327\012- data Size 35 kB (34889 bytes) Hash 956599cecc8b2be8f010fec90b86283c a87d277eee06a0fa77db95fd5dc655c0e886a912 ce0aeeb05f9b23bafb4819167c2eff482f5ce443e613cf5bf60b46d20090404b HTTP Headers `GET /app/fonts/proximanova-regular-webfont.woff2 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://naughty-hub.com/app/css/bundle.min.css?47 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:50 GMT Content-Type: font/woff2 Content-Length: 34889 Last-Modified: Tue, 15 Jun 2021 11:52:17 GMT Connection: keep-alive ETag: "60c89471-8849" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dedf9c519ac38c4bece9c5bc895787d7 4911175c3f8a435978c5301c33c7a99a5e00a1d5 bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698" Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5550 Expires: Sun, 05 Feb 2023 14:09:20 GMT Date: Sun, 05 Feb 2023 12:36:50 GMT Connection: keep-alive`

	naughty-hub.com/api/settings/global?t=1675600650948	18.198.238.160	200 OK	672 B
URL HTTP/1.1 naughty-hub.com/api/settings/global?t=1675600650948 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1203), with no line terminators Size 672 B (672 bytes) Hash f5fa6716a3747f3ec3f834981bddcd87 0749dab4f444ab75794a822f8a752a81d120333b 664ce789818f215346a5bc63d0e174cf66ccc733beee52042f5b3bac8ac012d7 HTTP Headers `GET /api/settings/global?t=1675600650948 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:50 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/app/icons/57x57.png	18.198.238.160	200 OK	501 B
URL HTTP/1.1 naughty-hub.com/app/icons/57x57.png IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type PNG image data, 58 x 57, 8-bit/color RGBA, non-interlaced\012- data Size 501 B (501 bytes) Hash 80c8a8a790cd05af535cd8e6091a3346 3f10ca73f95e6d4c22e91adecdcf1c7292ed7dd2 cf3977fe39f74fb664f6433f7bd41d79c92ff765ef8f8a57a69913af3d4a6a71 HTTP Headers `GET /app/icons/57x57.png HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:50 GMT Content-Type: image/png Content-Length: 501 Last-Modified: Thu, 01 Sep 2022 09:52:48 GMT Connection: keep-alive ETag: "631080f0-1f5" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	naughty-hub.com/app/icons/144x144.png	18.198.238.160	200 OK	873 B
URL HTTP/1.1 naughty-hub.com/app/icons/144x144.png IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type PNG image data, 145 x 144, 8-bit/color RGBA, non-interlaced\012- data Size 873 B (873 bytes) Hash ce4be90699bb55414d8b851294954e19 176b89110cae67feb767a2b957fe71909684575d 75326428d53d1ec277681154f1fe36bee0af927a38a24306c0bae09b552ca86e HTTP Headers `GET /app/icons/144x144.png HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:50 GMT Content-Type: image/png Content-Length: 873 Last-Modified: Thu, 01 Sep 2022 09:52:48 GMT Connection: keep-alive ETag: "631080f0-369" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	naughty-hub.com/app/adv/index2.html	18.198.238.160	200 OK	149 B
URL HTTP/1.1 naughty-hub.com/app/adv/index2.html IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type ASCII text Size 149 B (149 bytes) Hash cc468f7f69a9398e9d0ae5877dab035f 7fa60518571c1ab6ef7bfc37248e28c288591588 8ca0768db4e4a7ea7137f45ad95fc2b0b7bd4a66104650b4a4fe6a74ac3c9aa1 HTTP Headers `GET /app/adv/index2.html HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:50 GMT Content-Type: text/html Content-Length: 149 Last-Modified: Tue, 15 Jun 2021 11:52:17 GMT Connection: keep-alive ETag: "60c89471-95" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 153d0de36959c722c00df71ba86daca2 305f56a3134879ebf0828e169e903e560540c070 0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 12:36:50 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google-analytics.com/analytics.js	142.250.74.78	200 OK	20 kB
URL HTTP/2 www.google-analytics.com/analytics.js IP 142.250.74.78:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1490) Size 20 kB (20085 bytes) Hash ca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db HTTP Headers `GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20085 date: Sun, 05 Feb 2023 11:45:20 GMT expires: Sun, 05 Feb 2023 13:45:20 GMT cache-control: public, max-age=7200 age: 3090 last-modified: Tue, 10 Jan 2023 21:29:14 GMT content-type: text/javascript alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	naughty-hub.com/api/auth/adv-page	18.198.238.160	200 OK	102 B
URL HTTP/1.1 naughty-hub.com/api/auth/adv-page IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with no line terminators Size 102 B (102 bytes) Hash c19cf7112218b38c60f1c3d5a25ea241 29fa7975fcb0695aeb956869d33bfe7c1440b8ee 9762ae2a3a53784fe5b8c2f5a28c8c06cfc60f908b6134174b812520de14aa98 HTTP Headers `POST /api/auth/adv-page HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 18 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:50 GMT Content-Type: application/json; charset=utf-8 Content-Length: 102 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	push.services.mozilla.com/	52.37.14.141	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.37.14.141:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: gsjoKx6sTQkeQcKMjcO37w== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: I0IfdS9N6/HKd+vRUFLCTmGLPlg=`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 153d0de36959c722c00df71ba86daca2 305f56a3134879ebf0828e169e903e560540c070 0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 12:36:50 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	naughty-hub.com/app/fonts/proximanova-light-webfont.woff2	18.198.238.160	200 OK	35 kB
URL HTTP/1.1 naughty-hub.com/app/fonts/proximanova-light-webfont.woff2 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 34893, version 3.327\012- data Size 35 kB (34893 bytes) Hash 8663158e9d91a253b64f1fde77e57dc0 010aa78b26a3834cd0125e8b3537b4d3b1429bf2 bfd4d65d15394e9768192fd83f1ced5c3819fd6c282b457f9dd49f2f2f67c7ba HTTP Headers `GET /app/fonts/proximanova-light-webfont.woff2 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://naughty-hub.com/app/css/bundle.min.css?47 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin` HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:50 GMT Content-Type: font/woff2 Content-Length: 34893 Last-Modified: Tue, 15 Jun 2021 11:52:17 GMT Connection: keep-alive ETag: "60c89471-884d" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	naughty-hub.com/api/auth/check/HYC43	18.198.238.160	200 OK	17 B
URL HTTP/1.1 naughty-hub.com/api/auth/check/HYC43 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with no line terminators Size 17 B (17 bytes) Hash c0a4229f65148628b26e451304ddac68 50855475058d6ab5f50fd9a4d3aa24c8431ba52f 06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03 HTTP Headers POST /api/auth/check/HYC43 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 135 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:50 GMT Content-Type: application/json; charset=utf-8 Content-Length: 17 Connection: keep-alive Set-Cookie: glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; Max-Age=315360000; Path=/; Expires=Wed, 02 Feb 2033 12:36:50 GMT; HttpOnly; Secure; SameSite=None plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; Max-Age=315360000; Path=/; Expires=Wed, 02 Feb 2033 12:36:50 GMT; HttpOnly; Secure; SameSite=None clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw; Max-Age=86400; Path=/; Expires=Mon, 06 Feb 2023 12:36:50 GMT; HttpOnly; Secure; SameSite=None X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	naughty-hub.com/api/auth/load-ui-lang-overrides/HYC43	18.198.238.160	200 OK	16 B
URL HTTP/1.1 naughty-hub.com/api/auth/load-ui-lang-overrides/HYC43 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with no line terminators Size 16 B (16 bytes) Hash 7363e85fe9edee6f053a4b319588c086 a15e2127145548437173fc17f3e980e3f3dee2d0 c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 HTTP Headers POST /api/auth/load-ui-lang-overrides/HYC43 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 2 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:50 GMT Content-Type: application/json; charset=utf-8 Content-Length: 16 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	naughty-hub.com/api/auth/adv-page	18.198.238.160	200 OK	102 B
URL HTTP/1.1 naughty-hub.com/api/auth/adv-page IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with no line terminators Size 102 B (102 bytes) Hash c19cf7112218b38c60f1c3d5a25ea241 29fa7975fcb0695aeb956869d33bfe7c1440b8ee 9762ae2a3a53784fe5b8c2f5a28c8c06cfc60f908b6134174b812520de14aa98 HTTP Headers POST /api/auth/adv-page HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 18 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:50 GMT Content-Type: application/json; charset=utf-8 Content-Length: 102 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	naughty-hub.com/app/adv/pages/bkzP54DP6/translations.json?t=1675600651229	18.198.238.160	200 OK	4.7 kB
URL HTTP/1.1 naughty-hub.com/app/adv/pages/bkzP54DP6/translations.json?t=1675600651229 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators Size 4.7 kB (4663 bytes) Hash 605a5ca5979b701d56f4d86fabfb4288 f0189a427dee746718b41b77fdb95c69369316d6 3a7e9bb0bdd0f152968b636561845dfbdee87b19db6eb90c3e01a6ae5cbb2cd0 HTTP Headers GET /app/adv/pages/bkzP54DP6/translations.json?t=1675600651229 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:50 GMT Content-Type: application/json Last-Modified: Wed, 29 Dec 2021 13:58:11 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"61cc6973-33d6" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/api/profile/public/countries/en	18.198.238.160	200 OK	6.1 kB
URL HTTP/1.1 naughty-hub.com/api/profile/public/countries/en IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (29493), with no line terminators Size 6.1 kB (6063 bytes) Hash b4fa16e905696cda8f1e1faf57cd8474 07576432081922a04fea95c558b267b59f01ae51 117a3f2f43b8761617b15a8b537ffbdb026d72eba407f2d647d86146477f2e3e HTTP Headers POST /api/profile/public/countries/en HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 2 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:50 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/api/auth/my-country	18.198.238.160	200 OK	4 B
URL HTTP/1.1 naughty-hub.com/api/auth/my-country IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type ASCII text, with no line terminators Size 4 B (4 bytes) Hash e053b472d8c218cfc5d7343f16149bfe 7d8d3d93f7dde8cbff976bfb5b40dc01c9cbd462 8715f26d0d6e170f900e60938fedd70eb9b8b227166bb66a99ace161a7f936bf HTTP Headers POST /api/auth/my-country HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 2 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: application/json; charset=utf-8 Content-Length: 4 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	naughty-hub.com/api/settings/landing-texts	18.198.238.160	200 OK	0 B
URL HTTP/1.1 naughty-hub.com/api/settings/landing-texts IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /api/settings/landing-texts HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 16 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: application/json; charset=utf-8 Content-Length: 0 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	naughty-hub.com/locale/no?t=1675600651269	18.198.238.160	200 OK	20 kB
URL HTTP/1.1 naughty-hub.com/locale/no?t=1675600651269 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (63484), with no line terminators Size 20 kB (20495 bytes) Hash e33161a59c2faedbf23ad3fc41936f98 adf3a74efe2f8433847588eec74f85382bf32ca3 2b1404e0a2bc8a38e6284cf91ffda046047202b69d8105805ac939d1c5fb1d91 HTTP Headers GET /locale/no?t=1675600651269 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash a78b06ca527ce7542b24b349e0485d8b 6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 12:36:51 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoadedWrapper&render=explicit&hl=no	142.250.74.164	200 OK	586 B
URL HTTP/2 www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoadedWrapper&render=explicit&hl=no IP 142.250.74.164:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (922), with no line terminators Size 586 B (586 bytes) Hash 44a170f185e2f0d0e7fd1ed27178ebf5 2786cb8609d48e19cff6398ab47a48cded42cff1 9542f0ba80d7c811b0b4ff23a77d810c57992dd07fff7900ca3b9a86d7e89258 HTTP Headers `GET /recaptcha/api.js?onload=vcRecaptchaApiLoadedWrapper&render=explicit&hl=no HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK expires: Sun, 05 Feb 2023 12:36:51 GMT date: Sun, 05 Feb 2023 12:36:51 GMT cache-control: private, max-age=300 content-type: text/javascript; charset=UTF-8 cross-origin-resource-policy: cross-origin content-encoding: gzip x-content-type-options: nosniff x-frame-options: SAMEORIGIN content-security-policy: frame-ancestors 'self' x-xss-protection: 1; mode=block content-length: 586 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	naughty-hub.com/api/profile/public/selections	18.198.238.160	200 OK	4.1 kB
URL HTTP/1.1 naughty-hub.com/api/profile/public/selections IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (24509), with no line terminators Size 4.1 kB (4074 bytes) Hash 9b550b038fa81f08b6ca542e3b04b747 4839381325d1e037c1d8f9f210a5adaa967f82d2 cd38ade91e46222e79f5087250a04f33586e6dd79602de6f7e50fd7a09d53842 HTTP Headers POST /api/profile/public/selections HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 38 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/api/profile/public/countries/no	18.198.238.160	200 OK	6.1 kB
URL HTTP/1.1 naughty-hub.com/api/profile/public/countries/no IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (29484), with no line terminators Size 6.1 kB (6088 bytes) Hash 06df3b87091681a156d47d263e9103af 9053a1f20bf4ef6e5c3098f4e760a2a8ec6b45a8 e5857107614a969df2fbcd70b8f32c0b08a8355ebb260cf98d7821ef1f12026d HTTP Headers POST /api/profile/public/countries/no HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 2 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/app/adv/pages/bkzP54DP6/index.html?t=1675600651351	18.198.238.160	200 OK	5.9 kB
URL HTTP/1.1 naughty-hub.com/app/adv/pages/bkzP54DP6/index.html?t=1675600651351 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type HTML document, Unicode text, UTF-8 text, with very long lines (343), with CRLF line terminators Size 5.9 kB (5865 bytes) Hash 275c2154030d0c139ad78b1ac41af7e1 d5237abe46beb0528f7db89ffdfa9150933a2dd8 77ae7fe00a89a9a78c9fe5372f5ed22e974c12c554b64c43af70d46b7044905d HTTP Headers GET /app/adv/pages/bkzP54DP6/index.html?t=1675600651351 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: text/html Last-Modified: Wed, 29 Dec 2021 13:58:11 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"61cc6973-8969" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/api/profile/public/get-offer-urls	18.198.238.160	200 OK	391 B
URL HTTP/1.1 naughty-hub.com/api/profile/public/get-offer-urls IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with very long lines (391), with no line terminators Size 391 B (391 bytes) Hash b44ab5eb9baa7262e7d9582a3d392f16 456545e933680486f6e5fa154bb8bcc3e1572888 3179dc88c993d36b30ff5e3a782307f26e55f73c6fe1e5bfd8479ee08d41df6c HTTP Headers POST /api/profile/public/get-offer-urls HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 86 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: application/json; charset=utf-8 Content-Length: 391 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash c7d887fc3e3b7a68b7872c76802085c0 eb26f820776e7d87a00489eb14f918e5f6945835 915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 12:36:51 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 5452c58c07ce8d3cade93b323b271c35 581b1e438daeb32a12feaf50f2aab17dcf3e3171 b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 12:36:51 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	naughty-hub.com/%7B%7Bvm.assetUrl%7D%7D/small-flame.svg	18.198.238.160	404 Not Found	44 B
URL HTTP/1.1 naughty-hub.com/%7B%7Bvm.assetUrl%7D%7D/small-flame.svg IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type ASCII text Size 44 B (44 bytes) Hash 4530f4bcdf7e8cbd777704ba460cceac 91504c59742848c4a20ef585f741f85713c69f47 ee156b480f45874545e16d213e9ccd5e45faafe114ce73c490484a67a01a93b5 HTTP Headers GET /%7B%7Bvm.assetUrl%7D%7D/small-flame.svg HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 404 Not Found Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: text/html; charset=utf-8 Content-Length: 44 Connection: keep-alive X-Content-Type-Options: nosniff`

	www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__no.js	216.58.211.3	200 OK	165 kB
URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__no.js IP 216.58.211.3:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (622) Size 165 kB (164990 bytes) Hash 5b33cc30d6be0e3a29bb5f54ebc1e47c e952ec6f686f35d00d331833637c2cf26cd1fbf6 295f41848bf197028dc7197758445706df968050aed646627e708d6741b98f36 HTTP Headers `GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__no.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 164990 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 31 Jan 2023 09:38:11 GMT expires: Wed, 31 Jan 2024 09:38:11 GMT cache-control: public, max-age=31536000 last-modified: Tue, 31 Jan 2023 02:51:47 GMT content-type: text/javascript age: 442720 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 98be7fe21d059e46146a43d20c4eea92 1ec58129fea75085588be7b8baec05b0874b5274 7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 12:36:51 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 5452c58c07ce8d3cade93b323b271c35 581b1e438daeb32a12feaf50f2aab17dcf3e3171 b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 12:36:51 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	naughty-hub.com/api/auth/my-location	18.198.238.160	200 OK	51 B
URL HTTP/1.1 naughty-hub.com/api/auth/my-location IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with no line terminators Size 51 B (51 bytes) Hash 1f3d00cb02ae605e15035d384130a56f ebfaae01250bc079698f19e648cbd6cb1c8d5392 09de7fa42b0fb515b2659e6b351ac5866fe967ed80dc5b72c94dd9613f46abe6 HTTP Headers POST /api/auth/my-location HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 2 Origin: https://naughty-hub.com Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: application/json; charset=utf-8 Content-Length: 51 Connection: keep-alive X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains

	naughty-hub.com/app/img2/logo-light-background/landing.png?b=47	18.198.238.160	200 OK	1.4 kB
URL HTTP/1.1 naughty-hub.com/app/img2/logo-light-background/landing.png?b=47 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type PNG image data, 288 x 73, 8-bit/color RGBA, non-interlaced\012- data Size 1.4 kB (1411 bytes) Hash 1a053809ad8653a0a9bcf13e842772d7 8d46c8691ae1ae796d30d39592f827fb7daabba3 93495bdc42433ff07b0a59f8b9916ae11e9adb9e56739cf2608b1c5892e4aa3e HTTP Headers GET /app/img2/logo-light-background/landing.png?b=47 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/app/css/bundle.min.css?47 Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: image/png Content-Length: 1411 Last-Modified: Thu, 01 Sep 2022 09:52:48 GMT Connection: keep-alive ETag: "631080f0-583" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	naughty-hub.com/app/fonts/proximanova-bold-webfont.woff2	18.198.238.160	200 OK	35 kB
URL HTTP/1.1 naughty-hub.com/app/fonts/proximanova-bold-webfont.woff2 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 34817, version 3.327\012- data Size 35 kB (34817 bytes) Hash 06e2b33c7a1ea2382d4b3d186a23064b 5bc4a79df42ce01df689f485505138a25e311b9e f2862e9eb293fe36d775b3e6aa801733d6c2d249ebdc7a92d433db94208839ea HTTP Headers GET /app/fonts/proximanova-bold-webfont.woff2 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://naughty-hub.com/app/css/bundle.min.css?47 Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: font/woff2 Content-Length: 34817 Last-Modified: Tue, 15 Jun 2021 11:52:17 GMT Connection: keep-alive ETag: "60c89471-8801" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 98be7fe21d059e46146a43d20c4eea92 1ec58129fea75085588be7b8baec05b0874b5274 7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 12:36:51 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	naughty-hub.com/app/adv/pages/bkzP54DP6/assets//small-flame.svg	18.198.238.160	200 OK	1.3 kB
URL HTTP/1.1 naughty-hub.com/app/adv/pages/bkzP54DP6/assets//small-flame.svg IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2401), with CRLF line terminators Size 1.3 kB (1263 bytes) Hash 64d090b23560515ad38ba4a0062194e3 c3a721cca055913bd3e2cea56d1b6160164324ad 241ce8c26361beceb7dcafe4d8501f5ac75fafbe5d98ee08e60b4cb5c7704ddf HTTP Headers GET /app/adv/pages/bkzP54DP6/assets//small-flame.svg HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: image/svg+xml Last-Modified: Wed, 29 Dec 2021 13:58:11 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"61cc6973-acc" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/app/adv/pages/bkzP54DP6/assets//medium-flame.svg	18.198.238.160	200 OK	1.7 kB
URL HTTP/1.1 naughty-hub.com/app/adv/pages/bkzP54DP6/assets//medium-flame.svg IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3518), with CRLF line terminators Size 1.7 kB (1723 bytes) Hash f011a5d78a3d1af97764fb5c8331fa0e e4c2f2b477de214f2f742dc7711a000fb2b1ff00 94a8b0738a8e89e018870d576f42f52f28fdc64209591748708497245a556b07 HTTP Headers GET /app/adv/pages/bkzP54DP6/assets//medium-flame.svg HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: image/svg+xml Last-Modified: Wed, 29 Dec 2021 13:58:11 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"61cc6973-f15" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/app/adv/pages/bkzP54DP6/assets//big-flame.svg	18.198.238.160	200 OK	5.5 kB
URL HTTP/1.1 naughty-hub.com/app/adv/pages/bkzP54DP6/assets//big-flame.svg IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7072), with CRLF line terminators Size 5.5 kB (5539 bytes) Hash 61b8044e0eab063ddd16a5db5fa9eb7f 9c014106cd15456fba4691da35a6438ea0e7e4fc ef6132cb483bad4d32441934d1e401dd1f63cdd0d85208bab337f77277abe1f1 HTTP Headers GET /app/adv/pages/bkzP54DP6/assets//big-flame.svg HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: image/svg+xml Last-Modified: Wed, 29 Dec 2021 13:58:11 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"61cc6973-36ef" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Content-Encoding: gzip

	naughty-hub.com/app/icons/flags/%7B%7Bvm.profile.country%7D%7D.png	18.198.238.160	404 Not Found	162 B
URL HTTP/1.1 naughty-hub.com/app/icons/flags/%7B%7Bvm.profile.country%7D%7D.png IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 162 B (162 bytes) Hash 70461da8b94c6ca5d2fda3260c5a8c3b 994bc667720c21257500e29038c1a5f61e25da1e f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee HTTP Headers GET /app/icons/flags/%7B%7Bvm.profile.country%7D%7D.png HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 404 Not Found Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive`

	naughty-hub.com/app/icons/flags/NO.png	18.198.238.160	200 OK	542 B
URL HTTP/1.1 naughty-hub.com/app/icons/flags/NO.png IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type PNG image data, 72 x 51, 8-bit/color RGBA, non-interlaced\012- data Size 542 B (542 bytes) Hash 4bcc0171d01b4e4d5a1d144290b937f4 59aca547a6631d6650ea22631dfb5ae20d663a2b 70d1f2a462a0cf7fb12c802fc0fbae8b9cb313e011f9d185d3b08aef1dd66bd6 HTTP Headers GET /app/icons/flags/NO.png HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: image/png Content-Length: 542 Last-Modified: Tue, 15 Jun 2021 11:52:17 GMT Connection: keep-alive ETag: "60c89471-21e" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	naughty-hub.com/app/img2/sprite/sprite-x1.png?b=47	18.198.238.160	200 OK	111 kB
URL HTTP/1.1 naughty-hub.com/app/img2/sprite/sprite-x1.png?b=47 IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type PNG image data, 2000 x 600, 8-bit/color RGBA, non-interlaced\012- data Size 111 kB (111440 bytes) Hash 18bed6ceffd07076124ed6f93f4db040 9be541c14a4b117d0953628a6eafa00ab2f286fc b5da7850a51b6fa030812d371151465465bd44a14fdc557eda784412126db129 HTTP Headers GET /app/img2/sprite/sprite-x1.png?b=47 HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/app/css/bundle.min.css?47 Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: image/png Content-Length: 111440 Last-Modified: Tue, 15 Jun 2021 11:52:17 GMT Connection: keep-alive ETag: "60c89471-1b350" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	naughty-hub.com/app/adv/pages/bkzP54DP6/assets//chevron-down.png	18.198.238.160	404 Not Found	162 B
URL HTTP/1.1 naughty-hub.com/app/adv/pages/bkzP54DP6/assets//chevron-down.png IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 162 B (162 bytes) Hash 70461da8b94c6ca5d2fda3260c5a8c3b 994bc667720c21257500e29038c1a5f61e25da1e f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee HTTP Headers GET /app/adv/pages/bkzP54DP6/assets//chevron-down.png HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 404 Not Found Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive`

	naughty-hub.com/app/adv/pages/bkzP54DP6/assets//bgr-small.jpg	18.198.238.160	200 OK	843 kB
URL HTTP/1.1 naughty-hub.com/app/adv/pages/bkzP54DP6/assets//bgr-small.jpg IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data Size 843 kB (843341 bytes) Hash 41466b3283c463dd7043e4c75f08404a d821c05630d2337a0b153a5d628e021287c70964 67bf05f3dc6a6b8ea1a3233e1d5c00a9704a19e38c5493e3103350857033213c HTTP Headers GET /app/adv/pages/bkzP54DP6/assets//bgr-small.jpg HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: image/jpeg Content-Length: 843341 Last-Modified: Wed, 29 Dec 2021 13:58:11 GMT Connection: keep-alive ETag: "61cc6973-cde4d" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	naughty-hub.com/app/adv/pages/bkzP54DP6/assets//step1/user-c-big.jpg	18.198.238.160	200 OK	267 kB
URL HTTP/1.1 naughty-hub.com/app/adv/pages/bkzP54DP6/assets//step1/user-c-big.jpg IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 622x1056, components 3\012- data Size 267 kB (266655 bytes) Hash d57f7130593d753c755675694edd9838 7631dfc573880f6c0c190bcef1e560d1df0d832b 6cba5a979cf9b0a889e9a159fea2bb653daf5abe136a82700dccca637dbd062a HTTP Headers GET /app/adv/pages/bkzP54DP6/assets//step1/user-c-big.jpg HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: image/jpeg Content-Length: 266655 Last-Modified: Wed, 29 Dec 2021 13:58:11 GMT Connection: keep-alive ETag: "61cc6973-4119f" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	naughty-hub.com/app/adv/pages/bkzP54DP6/assets//step1/user-b-big.jpg	18.198.238.160	200 OK	303 kB
URL HTTP/1.1 naughty-hub.com/app/adv/pages/bkzP54DP6/assets//step1/user-b-big.jpg IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 622x1056, components 3\012- data Size 303 kB (303417 bytes) Hash 7f7e5fc52ec55fb4b5373eff3a1d8502 ad82133b803043cf18d288fc14e94519b3436c78 06f476f41f0228cfb8e6614dde8bde6142547b320d3e4fe5e4e60b4e76b38fca HTTP Headers GET /app/adv/pages/bkzP54DP6/assets//step1/user-b-big.jpg HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: image/jpeg Content-Length: 303417 Last-Modified: Wed, 29 Dec 2021 13:58:11 GMT Connection: keep-alive ETag: "61cc6973-4a139" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	naughty-hub.com/app/adv/pages/bkzP54DP6/assets//step1/user-a-big.jpg	18.198.238.160	200 OK	363 kB
URL HTTP/1.1 naughty-hub.com/app/adv/pages/bkzP54DP6/assets//step1/user-a-big.jpg IP 18.198.238.160:0 ASN #16509 AMAZON-02 File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 622x1056, components 3\012- data Size 363 kB (362701 bytes) Hash de33da76abcfcdec1e6ef85497710b69 f3e09a5c449bfb75ca8660afcdab84674c144efa d987f2cdf9d17c31c5ddca58c18d6421391881bab06312249e6bb1fe088318ba HTTP Headers GET /app/adv/pages/bkzP54DP6/assets//step1/user-a-big.jpg HTTP/1.1 Host: naughty-hub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Cookie: _ga=GA1.2.136021316.1675600651; _gid=GA1.2.81588629.1675600651; glink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiYSI6eyJpcCI6IjkxLjkwLjQyLjE1NCIsImRhdGUiOjE2NzU2MDA2MTA4NTd9LCJpYXQiOjE2NzU2MDA2MTAsImV4cCI6MTk5MDk2MDYxMCwiYXVkIjoibmF1Z2h0eS1odWIuY29tIn0.mAMDy-S06ZafwmzGsUAD4GY83iE1VcEHMYQ8k3TDa20; plink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZWFyY2hQYXJhbXMiOnsiY2lkIjoid2U1cHVrcmxpNnZsdmtkbTJydGE1OHA0Iiwic291cmNlIjoiZmY1YzFiYzAtNTNmMS00NTczLTgwODMtMjM0MjU2NjY0ZjRkIiwic3Vic291cmNlIjoiMTBfVVMifSwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.BJ0ONnC7ylLVYHie7VBnYJiA7NzNqJGNIhK2MFziPFI; clink=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0cmFja2luZ0xpbmtJZCI6IkhZQzQzIiwiaWF0IjoxNjc1NjAwNjEwLCJleHAiOjE5OTA5NjA2MTAsImF1ZCI6Im5hdWdodHktaHViLmNvbSJ9.hgxHvprsaR3wnP1g8cbcI1ynpCFmIbLnw-LtyDZ1WFw Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 12:36:51 GMT Content-Type: image/jpeg Content-Length: 362701 Last-Modified: Wed, 29 Dec 2021 13:58:11 GMT Connection: keep-alive ETag: "61cc6973-588cd" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1 X-Content-Type-Options: nosniff Content-Security-Policy: default-src https: wss: about: data: blob: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=31536000; includeSubDomains Public-Key-Pins: pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; max-age=60; includeSubDomains Accept-Ranges: bytes

	fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2	142.250.74.35	200 OK	15 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Size 15 kB (15344 bytes) Hash 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc HTTP Headers `GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15344 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 02 Feb 2023 21:48:03 GMT expires: Fri, 02 Feb 2024 21:48:03 GMT cache-control: public, max-age=31536000 age: 226128 last-modified: Mon, 16 Oct 2017 17:32:55 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2	142.250.74.35	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Size 16 kB (15552 bytes) Hash 285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 HTTP Headers `GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15552 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 02 Feb 2023 16:40:43 GMT expires: Fri, 02 Feb 2024 16:40:43 GMT cache-control: public, max-age=31536000 age: 244568 last-modified: Mon, 16 Oct 2017 17:33:02 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1b25bf82638deaab60981e1315ee0849 e3bd912fd1a890e64ee6746a78a674db7ff77039 a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19467 Expires: Sun, 05 Feb 2023 18:01:18 GMT Date: Sun, 05 Feb 2023 12:36:51 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1b25bf82638deaab60981e1315ee0849 e3bd912fd1a890e64ee6746a78a674db7ff77039 a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19467 Expires: Sun, 05 Feb 2023 18:01:18 GMT Date: Sun, 05 Feb 2023 12:36:51 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1b25bf82638deaab60981e1315ee0849 e3bd912fd1a890e64ee6746a78a674db7ff77039 a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19467 Expires: Sun, 05 Feb 2023 18:01:18 GMT Date: Sun, 05 Feb 2023 12:36:51 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg	34.120.237.76	200 OK	7.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.6 kB (7589 bytes) Hash 5beaead015b2b4fb6d36009926ba0378 67e7c49ea7648fc6d1dffc22588862c993b785b7 6ae0cec9ade23fd53e9c1407b0324a8060892a65a6b675ccffa4a4c82b66f1ff HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7589 x-amzn-requestid: 280f7003-2696-4a82-bd50-82b0a2b66faf x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fsSpoEA0oAMFSBg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63db3170-35dcb9513c891af201b973d1;Sampled=0 x-amzn-remapped-date: Thu, 02 Feb 2023 03:43:44 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: IxfTibTq6T_wq9a5YCIBZLBb70BI7AOLEAYMYYuMZPhvVKjDbFfrvA== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 21:52:08 GMT etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7" content-type: image/jpeg age: 53083 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg	34.120.237.76	200 OK	5.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.0 kB (5014 bytes) Hash 5b6c30ad03669b66bf2f63b3edd69882 e630bd132b52b965a5ade646ea8a165d1abf6d7b f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5014 x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fi3bIE0aoAMF6YQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Feb 2023 11:24:01 GMT age: 4370 etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg	34.120.237.76	200 OK	6.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.2 kB (6202 bytes) Hash 251f1a5d671fb797fb98e9a71754c341 335425603d9eec146a3c03422dbca91134272e53 74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6202 x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fi3bUFEJoAMFapg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Feb 2023 11:30:31 GMT age: 3980 etag: "335425603d9eec146a3c03422dbca91134272e53" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10905 bytes) Hash 1a4eed23b240d04a3cd6b085cfa93375 f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00 93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10905 x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fmNJCEDzIAMFmxA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: WVfpilnwhnRXBhJkHBWjxxoP09f7SqlRk8CdWRWOubIIwe0CX89bUA== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 22:09:58 GMT age: 52013 etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg	34.120.237.76	200 OK	5.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.8 kB (5801 bytes) Hash c1f3df5bbad5048923e29c0767d703d3 48c408d37a7bd7f96653174359178eed46ddf298 c8bae041c3d64334964b2aa771a07bc2709ced4c497e1795f864d9416fed728f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5801 x-amzn-requestid: 441284a8-923a-4b22-b39f-95dec713c292 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fjj9jHu_IAMFZ-w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d7b389-788174a773fcd695540cc95e;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 12:09:45 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: DgvqiQwdytO2caPNzg2OhGcv8ly9N_YeQTzpuf6iwAVt8AQZEXRLqw== via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 21:44:03 GMT age: 53568 etag: "48c408d37a7bd7f96653174359178eed46ddf298" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (12967 bytes) Hash 8e0be7db14d930d6227443314bcd1747 4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12967 x-amzn-requestid: 013fa296-a431-410b-b3fb-7417b3e877eb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fpIQAFCMIAMF0Sw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d9ed99-2e1daa8b75977de07c48b8fc;Sampled=0 x-amzn-remapped-date: Wed, 01 Feb 2023 04:42:01 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: UzQGDCYe_8AuYYLaLSAWzHQhwJMpzpXWbjE5AwukevW6G6SLDxDjmA== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Feb 2023 03:42:59 GMT age: 32032 etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2	142.250.74.35	200 OK	15 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data Size 15 kB (15340 bytes) Hash 19b7a0adfdd4f808b53af7e2ce2ad4e5 81d5d4c7b5035ad10cce63cf7100295e0c51fdda c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd HTTP Headers `GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15340 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 31 Jan 2023 00:39:09 GMT expires: Wed, 31 Jan 2024 00:39:09 GMT cache-control: public, max-age=31536000 last-modified: Mon, 16 Oct 2017 17:33:16 GMT content-type: font/woff2 age: 475063 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg	34.120.237.76	200 OK	7.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.1 kB (7060 bytes) Hash 75caf9549ac23c827c10d6baabb84884 e8391e4046acb91cd4a6113974fda1c44dcd3865 a01e3a9aaa0b0fa156303bcbf38c1c45ea6abe8d0a052734b05ea4da82f176c4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK server: nginx content-length: 7060 x-amzn-requestid: 9379b64e-3a3f-4b8d-aba2-bc3cd7dab98f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fi3cgFCkIAMFrhA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d76c4f-6ac6da215407497043249929;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:51 GMT x-amz-cf-pop: SEA19-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 75uKxGlJDSXzIUgR5Rm4f13SClTT1UIDLgbkTrFDEDvKmGmViQ3Djg== via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 22:25:50 GMT age: 51068 etag: "e8391e4046acb91cd4a6113974fda1c44dcd3865" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Roboto:300,500	142.250.74.74	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,500 IP 142.250.74.74:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Roboto:300,500 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://naughty-hub.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sun, 05 Feb 2023 12:36:51 GMT date: Sun, 05 Feb 2023 12:36:51 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations