r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16614
Expires: Sun, 27 Nov 2022 14:27:56 GMT
Date: Sun, 27 Nov 2022 09:51:02 GMT
Connection: keep-alive
natsegal.com/winqsb-64-bit-windows-7-download/
185.28.21.131301 Moved Permanently 707 B URL HTTP/1.1 natsegal.com/winqsb-64-bit-windows-7-download/
IP 185.28.21.131:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /winqsb-64-bit-windows-7-download/ HTTP/1.1
Host: natsegal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sun, 27 Nov 2022 09:51:02 GMT
server: LiteSpeed
location: https://natsegal.com/winqsb-64-bit-windows-7-download/
platform: hostinger
content-security-policy: upgrade-insecure-requests
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2827
Cache-Control: max-age=91633
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:02 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:18:15 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4108
Expires: Sun, 27 Nov 2022 10:59:30 GMT
Date: Sun, 27 Nov 2022 09:51:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 09:19:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1901
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FnseNbE13m0m/k/1KAPeaKG6cY69YOi3W12DTpDePXFnrkAR/mlb4/bIQ8Uftb3rcsoFweRhAkKeyAoo8RYWFA==
x-amz-request-id: 62G4EA7RE0V4PX47
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 09:41:35 GMT
age: 567
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 09:51:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 09:08:54 GMT
cache-control: public,max-age=3600
age: 2528
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2970
Cache-Control: max-age=86719
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:02 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 09:56:21 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
natsegal.com/winqsb-64-bit-windows-7-download/
185.28.21.131301 Moved Permanently 0 B URL HTTP/2 natsegal.com/winqsb-64-bit-windows-7-download/
IP 185.28.21.131:0
ASN #47583 Hostinger International Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /winqsb-64-bit-windows-7-download/ HTTP/1.1
Host: natsegal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.4.32
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: Rank Math
location: https://natsegal.com
x-litespeed-cache: miss
content-length: 0
date: Sun, 27 Nov 2022 09:51:02 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.187.102.159101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.102.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gBa6hb/J1zf1vnYDy0WXcw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KZdVFS/521h9jUe0od0DjWVkLkk=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4486
Expires: Sun, 27 Nov 2022 11:05:50 GMT
Date: Sun, 27 Nov 2022 09:51:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4486
Expires: Sun, 27 Nov 2022 11:05:50 GMT
Date: Sun, 27 Nov 2022 09:51:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4486
Expires: Sun, 27 Nov 2022 11:05:50 GMT
Date: Sun, 27 Nov 2022 09:51:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4486
Expires: Sun, 27 Nov 2022 11:05:50 GMT
Date: Sun, 27 Nov 2022 09:51:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4486
Expires: Sun, 27 Nov 2022 11:05:50 GMT
Date: Sun, 27 Nov 2022 09:51:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K2eKLQhrsCdd4ASsfEibRuZAYW4CpPTlO3fZs7xdoKrw1HBxfTGkEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
age: 43730
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y0ofyT6UcPjB8mfRR1VMjHSTW64Qb_EQ0rrjsOdbby1CG-xMIFJMPw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:49:19 GMT
age: 43305
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
age: 43730
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e615cdc2e330b5cf76435abce9aa631a
71f737c3cee7766494157cd6491ce247a785c09e
853f68bf79a553b9fbf0e10391424faf0a3c071370d05d369563f7824d1bda84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9063
x-amzn-requestid: f00ac8bd-6466-4c92-9b99-0e71b4b2345c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8Jr4ENtoAMFzvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2318-0e3a57932987e29521388dd7;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:04:56 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ntfumip5IjOlyoe6ASlwJ1PjPLN1yZHkK_iiDDKfmMCyI__PrrGVMA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 12:27:26 GMT
age: 77018
etag: "71f737c3cee7766494157cd6491ce247a785c09e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f80a9a9b55da31c98663e157dde74a19
26b8dd82140c0db021048e11bff65a391dc6b444
680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6859
x-amzn-requestid: 4a1b13ad-9455-401d-a914-c1ada2191977
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYTHRroAMFR8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-4e5d630b23cdeb2e4b6d75d1;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qk03VFAQ1od0YzamiePUE8VQp9kBv_fy5gDUrVSlLGLSdn5v4JQbvw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 14:28:34 GMT
age: 69750
etag: "26b8dd82140c0db021048e11bff65a391dc6b444"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183848d2-b6cc-4349-b07a-3fd8540a63e2.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183848d2-b6cc-4349-b07a-3fd8540a63e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9de86e0161ef1255306ddfce1c2549d7
f77ff5378766c6b14125de0e003b21f34726672b
7db14b31e7e2d882eb446bd6056ad9e8eed6e1581837a6d54d2e0d26aa2600bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183848d2-b6cc-4349-b07a-3fd8540a63e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4023
x-amzn-requestid: e9fe84db-d488-4ec7-81e6-c819bb625944
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b44BuHsmIAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d3a4-54fbd7892170110e4bafc899;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:13:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DclAu4C4JasM2abF5ykmvdcx504CxPK26WXw2Z_YbcNZgW51ZLz05A==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 09:26:58 GMT
age: 1446
etag: "f77ff5378766c6b14125de0e003b21f34726672b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2d09716c2d650810b549331d676f8df7
7213a34b45c0038080993ce5b9fb58913cd2c98b
6a4926129ea55642137c636f47bd2d2a645be1be60ee08145f3f21f36bc86e65
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4120
Cache-Control: max-age=153411
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:04 GMT
Etag: "6382d733-118"
Expires: Tue, 29 Nov 2022 04:27:55 GMT
Last-Modified: Sun, 27 Nov 2022 03:19:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
c0.wp.com/p/jetpack/11.5.1/_inc/social-logos/social-logos.min.css
192.0.77.37200 OK 12 kB URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/_inc/social-logos/social-logos.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (12105)
Hash 2fcdccb045648224615f723b8bab784f
1c76029d1921792bbab676b6c127c81dbeaa3fb7
f53bfa598bd0b568ea3b9080a78ea390f572890c99a4f98efe133fe46be68d58
GET /p/jetpack/11.5.1/_inc/social-logos/social-logos.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 09:51:04 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
content-encoding: br
expires: Mon, 27 Nov 2023 09:51:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 2.9 kB URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash 72714cedb665aa8d5f0f739918f8f1b8
43dd4f454887b5735731d407351f0d875c3545ce
227b4ce68dab9bdd4d0d0a74f6f8ac17441731ec10e689338000c5a826073301
GET /c/6.0.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 09:51:04 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Mon, 27 Nov 2023 09:51:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-175335834-2
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-175335834-2
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 9125ae6927709d0cccc68d369158920b
9c90ba25f253a7c371dac5dd01ad6c94e7e29e66
6d7c123237a36ff4f29f0eab9be7fbcb58d5db7b434a56b2ef6cb86a3473456d
GET /gtag/js?id=UA-175335834-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 09:51:04 GMT
expires: Sun, 27 Nov 2022 09:51:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44702
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
192.0.77.37200 OK 16 kB URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
IP 192.0.77.37:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 31eacd9dda9051ff5bad8a36b10c913d
356119f2f12af6798dcc64838c9e280606d88df4
a26499940ba04aac0df8c8b1b31e6a2cf88e88c64e5d4881a30e1607861e6c0f
GET /p/jetpack/11.5.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 09:51:04 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 25 Oct 2022 13:51:34 GMT
content-encoding: br
expires: Mon, 27 Nov 2023 09:51:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.foremedia.net/code/29173/analytics
104.21.70.8200 OK 683 B URL HTTP/2 platform.foremedia.net/code/29173/analytics
IP 104.21.70.8:0
File type ASCII text, with very long lines (1012), with no line terminators
Hash 6c67ac0b3d6bc6e93bd96a7cc3711b5b
009e10ccfa7a142d0af8af959685f9c304cf9b3e
c29306fa9a396858636c017a98887d9a5c3bb548541454230154d84924b23d30
GET /code/29173/analytics HTTP/1.1
Host: platform.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:51:05 GMT
content-type: application/javascript
set-cookie: DO-LB="MTAuMTM2LjAuNjo0NDM="; Max-Age=300; Path=/; HttpOnly; SameSite=Lax
cache-control: private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKCPre%2F4HbtNoex16ssKXio9uLjyFEmdFld1TdrtG2YnbHP7H%2FX7rawmN9Et%2Bp82Eia9X50QMf%2BL3R%2BXPCOTJpzkayeiO22C8R8gUlYVjJluxEsz7pSxnbwZaLY2vEkopvVObTnOSXtL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709f6978e21b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.ndtvimg.com/2022-11/bml8dd6_lionel-messi-afp-_625x300_27_November_22.jpg?im=FeatureCrop,algorithm=dnn,width=1200,height=675
23.38.201.26200 OK 32 kB URL HTTP/2 c.ndtvimg.com/2022-11/bml8dd6_lionel-messi-afp-_625x300_27_November_22.jpg?im=FeatureCrop,algorithm=dnn,width=1200,height=675
IP 23.38.201.26:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x675, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 29893d744f2e70f6bf6f0f80e25ff4a2
205dd55e8eb5a879f4ba6512614aa5a48dca80c4
1f6c889f686d7787b11f583d10b2ba9a036f403e6a45884d7f878d28195b1442
GET /2022-11/bml8dd6_lionel-messi-afp-_625x300_27_November_22.jpg?im=FeatureCrop,algorithm=dnn,width=1200,height=675 HTTP/1.1
Host: c.ndtvimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "2f4dda707fdbc7a0625eff20b5f6740c-1"
last-modified: Sun, 27 Nov 2022 00:44:06 GMT
server: Akamai Image Manager
content-length: 31774
content-type: image/webp
cache-control: private, no-transform, max-age=2559093
expires: Tue, 27 Dec 2022 00:42:38 GMT
date: Sun, 27 Nov 2022 09:51:05 GMT
X-Firefox-Spdy: h2
globalnews.ca/wp-content/uploads/2022/11/20221126191132-6382b0a48d039c7449db11b6jpeg-1.jpg?quality=85&strip=all&w=720&h=379&crop=1
192.0.66.184200 OK 28 kB URL HTTP/2 globalnews.ca/wp-content/uploads/2022/11/20221126191132-6382b0a48d039c7449db11b6jpeg-1.jpg?quality=85&strip=all&w=720&h=379&crop=1
IP 192.0.66.184:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 720x379, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 68ca60d26c1d6cf699db3d87da243ea6
ac44f80f14d575ee407ff8f0fccd2718e7c1358e
0bf86c55f40114c2ad0c0a0af40eb622aa41c82efe6c684b914e554c069951e4
GET /wp-content/uploads/2022/11/20221126191132-6382b0a48d039c7449db11b6jpeg-1.jpg?quality=85&strip=all&w=720&h=379&crop=1 HTTP/1.1
Host: globalnews.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 09:51:05 GMT
content-type: image/webp
content-length: 28350
last-modified: Sun, 27 Nov 2022 02:30:58 GMT
expires: Mon, 27 Nov 2023 02:30:58 GMT
etag: "a2f6ccf4678f0b4c"
vary: Accept
strict-transport-security: max-age=86400
cache-control: max-age=2592000
x-rq: arn2 109 30 443
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.foremedia.net/code/29173/c1
104.21.70.8200 OK 170 kB URL HTTP/2 platform.foremedia.net/code/29173/c1
IP 104.21.70.8:0
Size 170 kB (169663 bytes)
Hash f52f90478f416e813373a17798a6a49e
9f77603190080ec0abac557d461407a457e8e082
d42fd30f4efcb87967009e22eb808a815dfbf4e5fd3b9ccdf726b85fe9cae875
GET /code/29173/c1 HTTP/1.1
Host: platform.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:51:05 GMT
content-type: text/html; charset=UTF-8
set-cookie: DO-LB="MTAuMTM2LjAuNjo0NDM="; Max-Age=300; Path=/; HttpOnly; SameSite=Lax
cache-control: private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKP24XAXTj%2BQHTWOJ8YdVyS0UwaQdO1hKLBF6%2F%2FA54Rpm3pb%2F8Mss8vmcVjJ2ovKXmeTJlA0gf2JDezLwk%2FEc4z5xBF824UGxntc13tKHu7dcv1pvFTFbwcxoLXqMVblliAgxQKxEYZp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709f697de88b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/css/dist/block-library/style.min.css
192.0.77.37200 OK 15 kB URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (43771)
Hash 97b9c412e04d8edb01a6985cd48d01c6
0ae5e4cc7ffc0c35f0cb6240a72f05b0117b97ed
4121ccef3b3e79409ba698d37720bfeea5fecff6f79a53fc36f846bc3fffb25b
GET /c/6.0.3/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 09:51:04 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
content-encoding: br
expires: Mon, 27 Nov 2023 09:51:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 310617
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 313036
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 1.5 kB URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 63d782f7730b7528983c6b105998ad69
ca28ffa6c500a3ece79a4ae80879978640b7ad5d
04ec5e3339238e4c441958be1e6a1094ae80e65f62fa94a67f2bd762e2f4d603
GET /c/6.0.3/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 09:51:04 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Mon, 27 Nov 2023 09:51:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 274094
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:21 GMT
expires: Thu, 23 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 310604
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 330213
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.wp.com/g.gif?v=ext&blog=182570968&post=11219&tz=5.5&srv=natsegal.com&j=1%3A11.5.1&host=natsegal.com&ref=&fcp=3444&rand=0.6744228005097974
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=182570968&post=11219&tz=5.5&srv=natsegal.com&j=1%3A11.5.1&host=natsegal.com&ref=&fcp=3444&rand=0.6744228005097974
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=182570968&post=11219&tz=5.5&srv=natsegal.com&j=1%3A11.5.1&host=natsegal.com&ref=&fcp=3444&rand=0.6744228005097974 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 09:51:05 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
edata.ndtv.com/twittergft/sport_automated_story/big_638051468173485057.png
23.38.201.26200 OK 571 kB URL HTTP/2 edata.ndtv.com/twittergft/sport_automated_story/big_638051468173485057.png
IP 23.38.201.26:0
File type PNG image data, 1200 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size 571 kB (571309 bytes)
Hash beca3fb78d0ad0d2d51c25caace1738f
1c5ed98e45727d799654678fa9e34ca3995cdd26
1a4456682a47818e90a6a724fc3ff49f34717158b1687ece2efd2d9ae7c5794e
GET /twittergft/sport_automated_story/big_638051468173485057.png HTTP/1.1
Host: edata.ndtv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 571309
server: nginx
last-modified: Sun, 27 Nov 2022 06:23:44 GMT
etag: "beca3fb78d0ad0d2d51c25caace1738f"
x-cache-status: EXPIRED
cache-control: max-age=604800
expires: Sun, 04 Dec 2022 09:51:05 GMT
date: Sun, 27 Nov 2022 09:51:05 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=11.3.1
142.250.74.10200 OK 77 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=11.3.1
IP 142.250.74.10:0
Hash c8d87e9fcf67a9eb89bc69c89085eca4
1164a1df1f784ea7523c51ab3288bc4288aace38
f578202be549ed0ca8e4f852ea7694593e9065f1f49eeace18498f707bca2a0c
GET /css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=11.3.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 09:51:04 GMT
date: Sun, 27 Nov 2022 09:51:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b1e4f2384756866fb15c5b1acd9e793b
823b25f27ebaecde4804aef4c26857212a756b5b
b1f0466538976e94b6c2f002500a371695696a1830d63a7dde4278fbd4b8065d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 09:51:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 06:13:40 GMT
Expires: Fri, 02 Dec 2022 06:13:39 GMT
Etag: "823b25f27ebaecde4804aef4c26857212a756b5b"
Cache-Control: max-age=418353,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7709f69dad96b511-OSL
stats.wp.com/e-202247.js
192.0.76.3200 OK 3.4 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash 1015b4fdd3922aa883ae2bfd6bc832fd
3a3a05c6db53b2a2facc4ac68d99e263c20bfbd6
2cc6c82ed15355bec8806dd484c81fbafddbbd5465a120ceec85be64fca6f1af
GET /e-202247.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 09:51:05 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 13 Nov 2023 09:17:34 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
static.foremedia.net/tag/display.js
151.139.128.10200 OK 6.2 kB URL HTTP/2 static.foremedia.net/tag/display.js
IP 151.139.128.10:0
File type ASCII text, with very long lines (18413)
Hash 76a700afd82e4b5255203e3868e457dc
9c6d7ac5f372357ccaf6b4d9c7c2fa5c574c3fd4
693f76ac6ab36441ce21737938829309c574bbf7c495cda89e4a450864fb4042
GET /tag/display.js HTTP/1.1
Host: static.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:51:05 GMT
content-encoding: gzip
content-length: 6229
content-type: application/javascript
last-modified: Wed, 02 Dec 2020 13:38:43 GMT
accept-ranges: bytes
server: nginx
etag: W/"5fc798e3-481a"
cache-control: max-age=86400
x-hw: 1669542665.cds225.sk1.hn,1669542665.cds237.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
edata.ndtv.com/twittergft/sport_automated_story/big_638051395694044145.png
23.38.201.26200 OK 571 kB URL HTTP/2 edata.ndtv.com/twittergft/sport_automated_story/big_638051395694044145.png
IP 23.38.201.26:0
File type PNG image data, 1200 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size 571 kB (570757 bytes)
Hash 4c3d3f421a74bfc4a8a96b7202f59f60
38f9d48fc9fb5254526c57786d744856967bbde6
94b012bc799e9da93900bbecae42f5089f9670d63710685646a2739177a81013
GET /twittergft/sport_automated_story/big_638051395694044145.png HTTP/1.1
Host: edata.ndtv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 570757
server: nginx
last-modified: Sun, 27 Nov 2022 04:22:52 GMT
etag: "4c3d3f421a74bfc4a8a96b7202f59f60"
x-cache-status: EXPIRED
cache-control: max-age=604800
expires: Sun, 04 Dec 2022 09:51:05 GMT
date: Sun, 27 Nov 2022 09:51:05 GMT
X-Firefox-Spdy: h2
cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140145&size=728x90&vw=1&it=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=3327777
77.245.57.72200 OK 311 B URL HTTP/1.1 cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140145&size=728x90&vw=1&it=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=3327777
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
File type JSON data\012- HTML document, ASCII text, with very long lines (311), with no line terminators
Hash adac61e79f77268a45aba532d7839d1d
770018c59eef9f0d229a5fed16e87d051a28fc15
1b936c5d222081a851db9076c70be333adf8ebb37c78efedc9c43b108e356aa1
GET /tag?ad_type=json&ver=2.0&zone_id=140145&size=728x90&vw=1&it=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=3327777 HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 09:51:06 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 311
Connection: close
Access-Control-Allow-Origin: https://natsegal.com
Vary: Origin
Access-Control-Allow-Credentials: true
cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140166&size=300x600&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=70464095
77.245.57.72200 OK 313 B URL HTTP/1.1 cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140166&size=300x600&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=70464095
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
File type JSON data\012- HTML document, ASCII text, with very long lines (313), with no line terminators
Hash 17baf3feae92977b9bd5c0ca422fd224
5da8d979f8aa43fd1239aef25a9bf24520de11b5
85306bc9704859dbb1e458bbed81f7c8b5196425256a3302c2c1df5f27e08e69
GET /tag?ad_type=json&ver=2.0&zone_id=140166&size=300x600&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=70464095 HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 09:51:06 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 313
Connection: close
Access-Control-Allow-Origin: https://natsegal.com
Vary: Origin
Access-Control-Allow-Credentials: true
static.foremedia.net/n843/ad/728x90_tKluwbYB.jpg
151.139.128.10200 OK 8.7 kB URL HTTP/2 static.foremedia.net/n843/ad/728x90_tKluwbYB.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 318x90, components 3\012- data
Hash b65f46337d820ee5db9ff3d275cba0d1
11f92e8f64a1f4d96b493db62a14116cbc0c6332
bff1e8506d7d8c2ad4b6dd8b510bc5acf9fafc34e564889632b798288d681338
GET /n843/ad/728x90_tKluwbYB.jpg HTTP/1.1
Host: static.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:51:06 GMT
content-length: 8690
content-type: image/jpeg
last-modified: Sun, 21 Aug 2022 13:42:43 GMT
accept-ranges: bytes
server: nginx
etag: "63023653-21f2"
cache-control: max-age=86400
x-hw: 1669542666.cds225.sk1.hn,1669542666.cds260.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-2MQSFDYYEL>m=2oeb90&_p=1333250089&cid=1658112366.1669542666&ul=en-us&sr=1280x1024&_s=1&sid=1669542665&sct=1&seg=0&dl=https%3A%2F%2Fnatsegal.com%2F&dt=Latest%20News%3A%20Today%27s%20big%20news%20headlines%20from%20...%20-%20Smore%20Newsletter&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-2MQSFDYYEL>m=2oeb90&_p=1333250089&cid=1658112366.1669542666&ul=en-us&sr=1280x1024&_s=1&sid=1669542665&sct=1&seg=0&dl=https%3A%2F%2Fnatsegal.com%2F&dt=Latest%20News%3A%20Today%27s%20big%20news%20headlines%20from%20...%20-%20Smore%20Newsletter&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-2MQSFDYYEL>m=2oeb90&_p=1333250089&cid=1658112366.1669542666&ul=en-us&sr=1280x1024&_s=1&sid=1669542665&sct=1&seg=0&dl=https%3A%2F%2Fnatsegal.com%2F&dt=Latest%20News%3A%20Today%27s%20big%20news%20headlines%20from%20...%20-%20Smore%20Newsletter&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://natsegal.com
date: Sun, 27 Nov 2022 09:51:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.foremedia.net/n843/ad/300x600_Wv4ed8Lx.JPG
151.139.128.10200 OK 21 kB URL HTTP/2 static.foremedia.net/n843/ad/300x600_Wv4ed8Lx.JPG
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x539, components 3\012- data
Hash d9045d0c0e6ad386b5eb59585911587e
73d17907de16e3b86cabcf30906672c8867816fe
248451234f76cf8bc217974bd915bf104f3d6856d80a8f38c1a1be8f08089cd5
GET /n843/ad/300x600_Wv4ed8Lx.JPG HTTP/1.1
Host: static.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:51:06 GMT
content-length: 21104
content-type: image/jpeg
last-modified: Sun, 21 Aug 2022 13:37:40 GMT
accept-ranges: bytes
server: nginx
etag: "63023524-5270"
cache-control: max-age=86400
x-hw: 1669542666.cds225.sk1.hn,1669542666.cds239.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cpm.foremedia.net/win?i=cWrT0-xtwGE_0&f=imp
77.245.57.72200 OK 42 B URL HTTP/1.1 cpm.foremedia.net/win?i=cWrT0-xtwGE_0&f=imp
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /win?i=cWrT0-xtwGE_0&f=imp HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 09:51:06 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
cpm.foremedia.net/win?i=5f6RxJ4ic5Q_0&f=imp
77.245.57.72200 OK 42 B URL HTTP/1.1 cpm.foremedia.net/win?i=5f6RxJ4ic5Q_0&f=imp
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /win?i=5f6RxJ4ic5Q_0&f=imp HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 09:51:06 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
www.google-analytics.com/analytics.js
216.239.34.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 27 Nov 2022 08:41:08 GMT
expires: Sun, 27 Nov 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 4198
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140146&size=300x250&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=27867633
77.245.57.72200 OK 852 B URL HTTP/1.1 cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140146&size=300x250&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=27867633
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
Hash b6e1b8ed3bd457d0ac4d530cef07778e
61b7edeeace14a8d4371cbd1105fab45af6e9f88
23f630898965b46d00074e8de58dae3950538e01c7b4310766b45fd81babd6cb
GET /tag?ad_type=json&ver=2.0&zone_id=140146&size=300x250&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=27867633 HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 09:51:06 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 313
Connection: close
Access-Control-Allow-Origin: https://natsegal.com
Vary: Origin
Access-Control-Allow-Credentials: true
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 1707f5250ec4ae523928d953adab3883
8414821881b08360ea6e27050365d76e8f62091f
9387dc3dd9ae17f32185205e08d1d0d5ff18b2ce4fe77f9159a3ea63b944db88
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 09:51:06 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 01 Dec 2022 08:01:51 GMT
ETag: "8414821881b08360ea6e27050365d76e8f62091f"
Last-Modified: Sun, 27 Nov 2022 08:01:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3009
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7709f6a3cf9bb505-OSL
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4678666607300105
142.250.74.130200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4678666607300105
IP 142.250.74.130:0
File type ASCII text, with very long lines (4885)
Hash 63b5eb2a00f9c2de91faddd27ff07cc2
2ad387b81664318f565ee9873ff6a88d9dba08e0
4d518b7e99a0c3c810400aa979594fdb04db3a060cccb62847cb64893ad4cad2
GET /pagead/js/adsbygoogle.js?client=ca-pub-4678666607300105 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 27 Nov 2022 09:51:06 GMT
expires: Sun, 27 Nov 2022 09:51:06 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14474138042485869934
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49147
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.foremedia.net/n843/ad/300x250_WceZoi9T.jpg
151.139.128.10200 OK 11 kB URL HTTP/2 static.foremedia.net/n843/ad/300x250_WceZoi9T.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 9eb100050d3b284228f085317adc173e
f2a4ed241650c13795d0f13806dd4cbe5f2aa665
e78d20d606e2e02f3ef136bb8cd041b6ec47d7b4062efa62b3dcf99329a936ae
GET /n843/ad/300x250_WceZoi9T.jpg HTTP/1.1
Host: static.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:51:06 GMT
content-length: 10883
content-type: image/jpeg
last-modified: Sun, 21 Aug 2022 13:28:25 GMT
accept-ranges: bytes
server: nginx
etag: "630232f9-2a83"
cache-control: max-age=86400
x-hw: 1669542666.cds225.sk1.hn,1669542666.cds238.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140145&size=728x90&vw=1&it=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=37301744
77.245.57.72200 OK 311 B URL HTTP/1.1 cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140145&size=728x90&vw=1&it=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=37301744
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
File type JSON data\012- HTML document, ASCII text, with very long lines (311), with no line terminators
Hash d65e865a0fb480382927434c7f8ae63e
d6ef98486d959cab284683dcca49fd85d7cde592
cf8e6d4a4c465a1fe436857ace997ce4b0b298162e3ceaf0de01e6fbbbd8cc60
GET /tag?ad_type=json&ver=2.0&zone_id=140145&size=728x90&vw=1&it=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=37301744 HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 09:51:06 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 311
Connection: close
Access-Control-Allow-Origin: https://natsegal.com
Vary: Origin
Access-Control-Allow-Credentials: true
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 1d79426653c3b55939eaec59a2ce8ef5
c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73267
date: Sun, 27 Nov 2022 09:51:06 GMT
access-control-allow-origin: *
etag: "637f41b2-11e33"
expires: Sun, 27 Nov 2022 10:51:06 GMT
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cpm.foremedia.net/win?i=iyGm0Ok*tAM_0&f=imp
77.245.57.72200 OK 42 B URL HTTP/1.1 cpm.foremedia.net/win?i=iyGm0Ok*tAM_0&f=imp
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /win?i=iyGm0Ok*tAM_0&f=imp HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 09:51:07 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
mc.yandex.ru/watch/91144940
87.250.250.119302 Found 43 B URL HTTP/2 mc.yandex.ru/watch/91144940
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/91144940 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/91144940/1
date: Sun, 27 Nov 2022 09:51:06 GMT
set-cookie: yandexuid=5224281141669542666; Expires=Mon, 27-Nov-2023 09:51:06 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5224281141669542666; Expires=Mon, 27-Nov-2023 09:51:06 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1325817571669542666; Path=/; SameSite=None; Secure
i=fcL5lhh8u/U/rf0cn8idfEsyhIgsQMz4lvcJW8+TDa47uB+5pKPi9QEmmLGlGKlD0cjxRa8oRqEpNodBfl8eduEXIE8=; Expires=Wed, 24-Nov-2032 09:51:06 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701078666.yc.1669542666#1701078666.yrts.1669542666#1701078666.yrtsi.1669542666; Expires=Mon, 27-Nov-2023 09:51:06 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 27-Nov-2022 09:51:06 GMT
last-modified: Sun, 27-Nov-2022 09:51:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
static.foremedia.net/n843/ad/728x90_Wfw7yvAn.png
151.139.128.10200 OK 182 kB URL HTTP/2 static.foremedia.net/n843/ad/728x90_Wfw7yvAn.png
IP 151.139.128.10:0
File type PNG image data, 711 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size 182 kB (181583 bytes)
Hash 10dcaf12409bb49a96e658c4d9fbbd2b
19c733dd3b4fc3c0fd3ddfb1e46203baad4a4edb
3cc74e8ef549b26d799714241bf6454d46891501fb2435d84ff61c2508da0a9d
GET /n843/ad/728x90_Wfw7yvAn.png HTTP/1.1
Host: static.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:51:07 GMT
content-length: 181583
content-type: image/png
last-modified: Sun, 21 Aug 2022 13:26:40 GMT
accept-ranges: bytes
server: nginx
etag: "63023290-2c54f"
cache-control: max-age=86400
x-hw: 1669542667.cds225.sk1.hn,1669542667.cds232.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cpm.foremedia.net/win?i=JA*8Q3bycIM_0&f=imp
77.245.57.72200 OK 42 B URL HTTP/1.1 cpm.foremedia.net/win?i=JA*8Q3bycIM_0&f=imp
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /win?i=JA*8Q3bycIM_0&f=imp HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 09:51:07 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15619e238e943befcd5fa4737f76c851
7198f9cb4672d54e5d6812730b875b6172e64b53
7ecac89dd434501d9e15d8c728d1ec497ac7b4962285396c7fbfcc7987700ca0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=natsegal.com&callback=_gfp_s_&client=ca-pub-4678666607300105&gpid_exp=1
172.217.21.162200 OK 254 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=natsegal.com&callback=_gfp_s_&client=ca-pub-4678666607300105&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (391), with no line terminators
Hash e615919d6134a71159140eac84009511
3a10aae1e2cc1fed1191addb0f4d01646973b743
f59b84ea048e1eabae45b4822c0be74dd3f13079cc6f0340471c1c8353a2bfa4
GET /gampad/cookie.js?domain=natsegal.com&callback=_gfp_s_&client=ca-pub-4678666607300105&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 27 Nov 2022 09:51:07 GMT
server: cafe
cache-control: private
content-length: 254
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d3c9b092aee5820bdab6595daad65d61
89e983faeedf25b3e15696f9bf6dbf76feb07868
58d24c4dde4a578c2c0191a19a5a42bdcb5be03b21a1907f60c8deaee78b7331
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=natsegal.com
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=natsegal.com
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=natsegal.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 27 Nov 2022 09:51:07 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15619e238e943befcd5fa4737f76c851
7198f9cb4672d54e5d6812730b875b6172e64b53
7ecac89dd434501d9e15d8c728d1ec497ac7b4962285396c7fbfcc7987700ca0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=natsegal.com
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=natsegal.com
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=natsegal.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 27 Nov 2022 09:51:07 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d3c9b092aee5820bdab6595daad65d61
89e983faeedf25b3e15696f9bf6dbf76feb07868
58d24c4dde4a578c2c0191a19a5a42bdcb5be03b21a1907f60c8deaee78b7331
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 27 Nov 2022 09:51:07 GMT
access-control-allow-origin: *
etag: "637f41b2-2b"
expires: Sun, 27 Nov 2022 10:51:07 GMT
accept-ranges: bytes
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/91144940/1?wmode=7&page-url=https%3A%2F%2Fnatsegal.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A3444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1388092724821%3Ahid%3A1020705232%3Az%3A0%3Ai%3A20221127095106%3Aet%3A1669542667%3Ac%3A1%3Arn%3A871846881%3Arqn%3A1%3Au%3A1669542667501617669%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C1558%2C0%2C922%2C0%2C%2C1076%2C87%2C%2C%2C%2C3598%3Ans%3A1669542661857%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669542667%3At%3ALatest%20News%3A%20Today%27s%20big%20news%20headlines%20from%20...%20-%20Smore%20Newsletter&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
87.250.250.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/91144940/1?wmode=7&page-url=https%3A%2F%2Fnatsegal.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A3444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1388092724821%3Ahid%3A1020705232%3Az%3A0%3Ai%3A20221127095106%3Aet%3A1669542667%3Ac%3A1%3Arn%3A871846881%3Arqn%3A1%3Au%3A1669542667501617669%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C1558%2C0%2C922%2C0%2C%2C1076%2C87%2C%2C%2C%2C3598%3Ans%3A1669542661857%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669542667%3At%3ALatest%20News%3A%20Today%27s%20big%20news%20headlines%20from%20...%20-%20Smore%20Newsletter&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 1cba4e7f4ca10d267797f7bda12827d0
f16aa709fc0b8fb0feda55c4c06292bdf4f22cee
8f3b715889a7789874eeeab935eb0d820f6b71db3df72d2de71b28ee28ba1019
GET /watch/91144940/1?wmode=7&page-url=https%3A%2F%2Fnatsegal.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A3444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1388092724821%3Ahid%3A1020705232%3Az%3A0%3Ai%3A20221127095106%3Aet%3A1669542667%3Ac%3A1%3Arn%3A871846881%3Arqn%3A1%3Au%3A1669542667501617669%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C1558%2C0%2C922%2C0%2C%2C1076%2C87%2C%2C%2C%2C3598%3Ans%3A1669542661857%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669542667%3At%3ALatest%20News%3A%20Today%27s%20big%20news%20headlines%20from%20...%20-%20Smore%20Newsletter&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Referer: https://natsegal.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Sun, 27 Nov 2022 09:51:07 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://natsegal.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 27-Nov-2022 09:51:07 GMT
last-modified: Sun, 27-Nov-2022 09:51:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
media.cnn.com/api/v1/images/stellar/prod/221127002442-01-kim-jong-un-missile-101022.jpg?c=16x9&q=w_800,c_fill
151.101.87.5200 OK 32 kB URL HTTP/2 media.cnn.com/api/v1/images/stellar/prod/221127002442-01-kim-jong-un-missile-101022.jpg?c=16x9&q=w_800,c_fill
IP 151.101.87.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 300x300, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash da6a6701eb70cdad53eec920040d0e7f
3903c266993e4b56306184ec6f85608fac91f2f7
71401b7392dbfddd436a176806e97f004ec6537e5c86ce7a68748350150504d4
GET /api/v1/images/stellar/prod/221127002442-01-kim-jong-un-missile-101022.jpg?c=16x9&q=w_800,c_fill HTTP/1.1
Host: media.cnn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=604800
accept-ranges: bytes
date: Sun, 27 Nov 2022 09:51:07 GMT
age: 8826
set-cookie: countryCode=NO; Domain=.cnn.com; Path=/; SameSite=None; Secure
stateCode=03; Domain=.cnn.com; Path=/; SameSite=None; Secure
geoData=oslo|03|0168|NO|EU|100|broadband|59.930|10.730; Domain=.cnn.com; Path=/; SameSite=None; Secure
x-served-by: cache-iad-kcgs7200099-IAD, cache-bma1630-BMA
x-cache: HIT, HIT
x-cache-hits: 89, 1
x-timer: S1669542668.592688,VS0,VE1
content-length: 32532
X-Firefox-Spdy: h2
media.cnn.com/api/v1/images/stellar/prod/221127020153-01-tsai-ing-wen-112622.jpg?c=16x9&q=w_800,c_fill
151.101.87.5200 OK 71 kB URL HTTP/2 media.cnn.com/api/v1/images/stellar/prod/221127020153-01-tsai-ing-wen-112622.jpg?c=16x9&q=w_800,c_fill
IP 151.101.87.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 300x300, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash a452f1628fe5f5c41ec77e99fe4542f4
86a856407aae45c5ca487723fbec56f23df886ad
ea281de58401ff0569f30cdc23e06b028ef0eb456f1b840ddd6be07e8efb3b3e
GET /api/v1/images/stellar/prod/221127020153-01-tsai-ing-wen-112622.jpg?c=16x9&q=w_800,c_fill HTTP/1.1
Host: media.cnn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=604800
accept-ranges: bytes
date: Sun, 27 Nov 2022 09:51:07 GMT
age: 7349
set-cookie: countryCode=NO; Domain=.cnn.com; Path=/; SameSite=None; Secure
stateCode=03; Domain=.cnn.com; Path=/; SameSite=None; Secure
geoData=oslo|03|0168|NO|EU|100|broadband|59.930|10.730; Domain=.cnn.com; Path=/; SameSite=None; Secure
x-served-by: cache-iad-kiad7000109-IAD, cache-bma1630-BMA
x-cache: HIT, HIT
x-cache-hits: 165, 1
x-timer: S1669542668.592857,VS0,VE2
content-length: 70551
X-Firefox-Spdy: h2
media.cnn.com/api/v1/images/stellar/prod/221126174045-01-urumqi-fire-protests.jpg?c=16x9&q=w_800,c_fill
151.101.87.5200 OK 27 kB URL HTTP/2 media.cnn.com/api/v1/images/stellar/prod/221126174045-01-urumqi-fire-protests.jpg?c=16x9&q=w_800,c_fill
IP 151.101.87.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 300x300, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash 7a05d6340d0d235aa413d97b77599a29
bf854b7103c71fedc3115ca754503da5d8ebce56
b2fdae6e7de266a2b1dfe19cf3598bc1dc8ff74bb21e067bfc0096da96c26883
GET /api/v1/images/stellar/prod/221126174045-01-urumqi-fire-protests.jpg?c=16x9&q=w_800,c_fill HTTP/1.1
Host: media.cnn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=604800
accept-ranges: bytes
date: Sun, 27 Nov 2022 09:51:07 GMT
age: 27102
set-cookie: countryCode=NO; Domain=.cnn.com; Path=/; SameSite=None; Secure
stateCode=03; Domain=.cnn.com; Path=/; SameSite=None; Secure
geoData=oslo|03|0168|NO|EU|100|broadband|59.930|10.730; Domain=.cnn.com; Path=/; SameSite=None; Secure
x-served-by: cache-iad-kiad7000089-IAD, cache-bma1630-BMA
x-cache: HIT, HIT
x-cache-hits: 285, 2
x-timer: S1669542668.603192,VS0,VE0
content-length: 26928
X-Firefox-Spdy: h2
media.cnn.com/api/v1/images/stellar/prod/221126220806-01-david-murray-0283.jpg?c=16x9&q=w_800,c_fill
151.101.87.5200 OK 47 kB URL HTTP/2 media.cnn.com/api/v1/images/stellar/prod/221126220806-01-david-murray-0283.jpg?c=16x9&q=w_800,c_fill
IP 151.101.87.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 300x300, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash 17085d674588d065f6953c953644c61e
2beb1cd6cd933e5db7cae6f5b59117404a88d0f3
de116c393bc3ad7bec47cef21f21fd78fcaf1802d9a8bc362fde006db7330d47
GET /api/v1/images/stellar/prod/221126220806-01-david-murray-0283.jpg?c=16x9&q=w_800,c_fill HTTP/1.1
Host: media.cnn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Cookie: countryCode=NO; stateCode=03; geoData=oslo|03|0168|NO|EU|100|broadband|59.930|10.730
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=604800
accept-ranges: bytes
date: Sun, 27 Nov 2022 09:51:07 GMT
age: 20973
set-cookie: countryCode=NO; Domain=.cnn.com; Path=/; SameSite=None; Secure
stateCode=03; Domain=.cnn.com; Path=/; SameSite=None; Secure
geoData=oslo|03|0168|NO|EU|100|broadband|59.930|10.730; Domain=.cnn.com; Path=/; SameSite=None; Secure
x-served-by: cache-iad-kcgs7200043-IAD, cache-bma1630-BMA
x-cache: HIT, HIT
x-cache-hits: 109, 4
x-timer: S1669542668.627031,VS0,VE0
content-length: 47238
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0c7f923b97046608033f90253a891bf0
bf5025e94ed9ea85ee3e7677561ee686480b526c
1062154cd5de28de1d012a4f4d10fb5e548fabf6d67918eaeb745975949a3294
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 27 Nov 2022 09:51:07 GMT
expires: Sun, 27 Nov 2022 09:51:07 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:10:36 GMT
expires: Wed, 22 Nov 2023 20:10:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 394831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 09:51:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash ee070b64fdb9b7ed1ce7a7b20e6c713b
c5183d566fc761b4194391e8ff30b10196f060fc
f523310ff33bd473d872d0165455562cfef729f2b5de8685fb8968c7801acfaa
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 27 Nov 2022 09:51:07 GMT
date: Sun, 27 Nov 2022 09:51:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-nVluSoToBpI_8f-FNA3V-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/91144940?wmode=0&wv-part=2&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=859371723&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669542669%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095108%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542669&t=gdpr(14)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/91144940?wmode=0&wv-part=2&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=859371723&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669542669%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095108%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542669&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/91144940?wmode=0&wv-part=2&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=859371723&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669542669%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095108%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542669&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 371674
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 27 Nov 2022 09:51:09 GMT
access-control-allow-origin: https://natsegal.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 27-Nov-2022 09:51:09 GMT
last-modified: Sun, 27-Nov-2022 09:51:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/91144940?wmode=0&wv-part=1&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=94813704&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669542669%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095108%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542669&t=gdpr(14)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/91144940?wmode=0&wv-part=1&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=94813704&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669542669%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095108%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542669&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/91144940?wmode=0&wv-part=1&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=94813704&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669542669%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095108%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542669&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 371675
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 27 Nov 2022 09:51:09 GMT
access-control-allow-origin: https://natsegal.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 27-Nov-2022 09:51:09 GMT
last-modified: Sun, 27-Nov-2022 09:51:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/91144940?wmode=0&wv-part=1&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=533918660&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1669542670%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095109%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542670&t=gdpr(14)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/91144940?wmode=0&wv-part=1&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=533918660&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1669542670%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095109%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542670&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/91144940?wmode=0&wv-part=1&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=533918660&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1669542670%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095109%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542670&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 27 Nov 2022 09:51:09 GMT
access-control-allow-origin: https://natsegal.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 27-Nov-2022 09:51:09 GMT
last-modified: Sun, 27-Nov-2022 09:51:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/91144940?wmode=0&wv-part=3&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=410791586&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669542670%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095110%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542670&t=gdpr(14)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/91144940?wmode=0&wv-part=3&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=410791586&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669542670%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095110%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542670&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/91144940?wmode=0&wv-part=3&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=410791586&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669542670%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095110%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542670&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 4436
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 27 Nov 2022 09:51:10 GMT
access-control-allow-origin: https://natsegal.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 27-Nov-2022 09:51:10 GMT
last-modified: Sun, 27-Nov-2022 09:51:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6328cb630204883d77babc9922075f1
e440f7b94b53b6e7880b26f9653b1b266aae0190
b15144c88277e24acde95b45e56fb2d237f5b1d34a9590aa5aa2741f7102a9fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8584
x-amzn-requestid: ef9e42a9-be9d-4239-831d-4c4250b0cb8d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCKAsGTDIAMFa1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8a04-17e610e05ee024007d64c6ea;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 02:48:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t-piL9xKmcPO_0sQryoAbpT03ZaUonSHkGK6eD3fid_WrQRJgEvgrw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 14:36:47 GMT
age: 69264
etag: "e440f7b94b53b6e7880b26f9653b1b266aae0190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/91144940?wv-check=48204&wv-type=0&wmode=0&wv-part=1&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=153190153&browser-info=gdpr%3A14%3Aet%3A1669542671%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095111%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542671&t=gdpr(14)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/91144940?wv-check=48204&wv-type=0&wmode=0&wv-part=1&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=153190153&browser-info=gdpr%3A14%3Aet%3A1669542671%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095111%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542671&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/91144940?wv-check=48204&wv-type=0&wmode=0&wv-part=1&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=153190153&browser-info=gdpr%3A14%3Aet%3A1669542671%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095111%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542671&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 27 Nov 2022 09:51:11 GMT
access-control-allow-origin: https://natsegal.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 27-Nov-2022 09:51:11 GMT
last-modified: Sun, 27-Nov-2022 09:51:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/91144940?wmode=0&wv-part=2&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=774813312&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1669542671%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095111%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542671&t=gdpr(14)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/91144940?wmode=0&wv-part=2&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=774813312&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1669542671%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095111%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542671&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/91144940?wmode=0&wv-part=2&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=774813312&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1669542671%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095111%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542671&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 27 Nov 2022 09:51:11 GMT
access-control-allow-origin: https://natsegal.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 27-Nov-2022 09:51:11 GMT
last-modified: Sun, 27-Nov-2022 09:51:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/91144940?wmode=0&wv-part=4&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=709883646&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669542671%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095111%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542671&t=gdpr(14)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/91144940?wmode=0&wv-part=4&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=709883646&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669542671%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095111%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542671&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/91144940?wmode=0&wv-part=4&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=709883646&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669542671%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095111%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542671&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 15
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 27 Nov 2022 09:51:11 GMT
access-control-allow-origin: https://natsegal.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 27-Nov-2022 09:51:11 GMT
last-modified: Sun, 27-Nov-2022 09:51:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/91144940?wv-check=52391&wv-type=0&wmode=0&wv-part=2&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=98282998&browser-info=gdpr%3A14%3Aet%3A1669542671%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095111%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542671&t=gdpr(14)ti(2)
87.250.250.119200 OK 584 B URL HTTP/2 mc.yandex.ru/webvisor/91144940?wv-check=52391&wv-type=0&wmode=0&wv-part=2&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=98282998&browser-info=gdpr%3A14%3Aet%3A1669542671%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095111%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542671&t=gdpr(14)ti(2)
IP 87.250.250.119:0
Hash 2d8aae33d061fb84c8b06579fb68cef5
6108322a3a913ec9ba0339b8bb726a9e27f42146
a0673c2b411fe18f98b129bbf53c831d1382c6179a12a9b80ffcf44e3cf90982
POST /webvisor/91144940?wv-check=52391&wv-type=0&wmode=0&wv-part=2&wv-hit=1020705232&page-url=https%3A%2F%2Fnatsegal.com%2F&rn=98282998&browser-info=gdpr%3A14%3Aet%3A1669542671%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221127095111%3Au%3A1669542667501617669%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669542671&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 27 Nov 2022 09:51:11 GMT
access-control-allow-origin: https://natsegal.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 27-Nov-2022 09:51:11 GMT
last-modified: Sun, 27-Nov-2022 09:51:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/comment-reply.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/comment-reply.min.js
IP 192.0.77.37:0
GET /c/6.0.3/wp-includes/js/comment-reply.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 09:51:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Mon, 27 Nov 2023 09:51:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
platform.foremedia.net/code/29173/footer_float
104.21.70.8200 OK 0 B URL HTTP/2 platform.foremedia.net/code/29173/footer_float
IP 104.21.70.8:0
GET /code/29173/footer_float HTTP/1.1
Host: platform.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 09:51:05 GMT
content-type: application/javascript
set-cookie: DO-LB="MTAuMTM2LjAuNTo0NDM="; Max-Age=300; Path=/; HttpOnly; SameSite=Lax
cache-control: private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmaQLnQNNCHRo5%2B%2BO32lgtIa4eZIRz5h4uCqJK%2BGi77Wd7kLFw2XL76cQPsk%2FsE3lGumO7yzJhLGCet8zlBKWhaSNhfs1QMqzH4NUN7OeOn5hArnHg9oCKvT5okbVD98IZH6UahHdYI2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709f697ee9cb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/91144940?wmode=7&page-url=https%3A%2F%2Fnatsegal.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A3444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1388092724821%3Ahid%3A1020705232%3Az%3A0%3Ai%3A20221127095106%3Aet%3A1669542667%3Ac%3A1%3Arn%3A871846881%3Arqn%3A1%3Au%3A1669542667501617669%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C1558%2C0%2C922%2C0%2C%2C1076%2C87%2C%2C%2C%2C3598%3Ans%3A1669542661857%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669542667%3At%3ALatest%20News%3A%20Today%27s%20big%20news%20headlines%20from%20...%20-%20Smore%20Newsletter&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/91144940?wmode=7&page-url=https%3A%2F%2Fnatsegal.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A3444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1388092724821%3Ahid%3A1020705232%3Az%3A0%3Ai%3A20221127095106%3Aet%3A1669542667%3Ac%3A1%3Arn%3A871846881%3Arqn%3A1%3Au%3A1669542667501617669%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C1558%2C0%2C922%2C0%2C%2C1076%2C87%2C%2C%2C%2C3598%3Ans%3A1669542661857%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669542667%3At%3ALatest%20News%3A%20Today%27s%20big%20news%20headlines%20from%20...%20-%20Smore%20Newsletter&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
GET /watch/91144940?wmode=7&page-url=https%3A%2F%2Fnatsegal.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A3444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1388092724821%3Ahid%3A1020705232%3Az%3A0%3Ai%3A20221127095106%3Aet%3A1669542667%3Ac%3A1%3Arn%3A871846881%3Arqn%3A1%3Au%3A1669542667501617669%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C1558%2C0%2C922%2C0%2C%2C1076%2C87%2C%2C%2C%2C3598%3Ans%3A1669542661857%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669542667%3At%3ALatest%20News%3A%20Today%27s%20big%20news%20headlines%20from%20...%20-%20Smore%20Newsletter&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/91144940/1?wmode=7&page-url=https%3A%2F%2Fnatsegal.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A3444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1388092724821%3Ahid%3A1020705232%3Az%3A0%3Ai%3A20221127095106%3Aet%3A1669542667%3Ac%3A1%3Arn%3A871846881%3Arqn%3A1%3Au%3A1669542667501617669%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C1558%2C0%2C922%2C0%2C%2C1076%2C87%2C%2C%2C%2C3598%3Ans%3A1669542661857%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669542667%3At%3ALatest%20News%3A%20Today%27s%20big%20news%20headlines%20from%20...%20-%20Smore%20Newsletter&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Sun, 27 Nov 2022 09:51:07 GMT
access-control-allow-origin: https://natsegal.com
set-cookie: yandexuid=2457278601669542667; Expires=Mon, 27-Nov-2023 09:51:07 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2457278601669542667; Expires=Mon, 27-Nov-2023 09:51:07 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1966730211669542667; Path=/; SameSite=None; Secure
i=8mzfWIKuyaIPdwy4bu+JhDe23zdvzWtnPNFIi7fmnNYQvjzyEIiB4tY4pWV2BS0EZDhx/IE7Sellk2qYRxLwRjKu5x4=; Expires=Wed, 24-Nov-2032 09:51:07 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701078667.yc.1669542667#1701078667.yrts.1669542667#1701078667.yrtsi.1669542667; Expires=Mon, 27-Nov-2023 09:51:07 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 27-Nov-2022 09:51:07 GMT
last-modified: Sun, 27-Nov-2022 09:51:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/underscore.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/underscore.min.js
IP 192.0.77.37:0
GET /c/6.0.3/wp-includes/js/underscore.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 09:51:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 27 Apr 2022 14:39:21 GMT
content-encoding: br
expires: Mon, 27 Nov 2023 09:51:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
GET /c/6.0.3/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 09:51:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-encoding: br
expires: Mon, 27 Nov 2023 09:51:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
natsegal.com/
185.28.21.131200 OK 0 B IP 185.28.21.131:0
ASN #47583 Hostinger International Limited
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: natsegal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.32
content-type: text/html; charset=UTF-8
link: <https://natsegal.com/wp-json/>; rel="https://api.w.org/", <https://natsegal.com/wp-json/wp/v2/pages/11219>; rel="alternate"; type="application/json", <https://natsegal.com/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 974_HTTP.200,974_front,974_URL.6666cd76f96956469e7be39d750cc7d9,974_F,974_Po.11219,974_PGS,974_
etag: "112873-1669542664;br"
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 09:51:04 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2