Overview

URL natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
IP185.28.21.131
ASNHostinger International Limited
Location Cyprus
Report completed2022-09-04 09:41:59 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-04 2 natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournamen (...) Phishing
2022-09-04 2 natsegal.com/wp-content/themes/newscard/assets/library/font-awesome/css/fon (...) Phishing
2022-09-04 2 natsegal.com/wp-content/themes/newscard/style.css?ver=6.0.2 Phishing
2022-09-04 2 natsegal.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/fr (...) Phishing
2022-09-04 2 natsegal.com/wp-content/themes/newscard/assets/library/bootstrap/js/popper. (...) Phishing
2022-09-04 2 natsegal.com/wp-content/themes/newscard/assets/library/bootstrap/js/bootstr (...) Phishing
2022-09-04 2 natsegal.com/wp-content/themes/newscard/assets/library/match-height/jquery. (...) Phishing
2022-09-04 2 natsegal.com/wp-content/themes/newscard/assets/js/skip-link-focus-fix.js?ve (...) Phishing
2022-09-04 2 natsegal.com/wp-content/themes/newscard/assets/library/sticky/jquery.sticky (...) Phishing
2022-09-04 2 natsegal.com/wp-content/themes/newscard/assets/library/sticky/jquery.sticky (...) Phishing
2022-09-04 2 natsegal.com/wp-content/themes/newscard/assets/js/scripts.js?ver=6.0.2 Phishing
2022-09-04 2 natsegal.com/wp-content/plugins/visual-footer-credit-remover/script.js?ver=6.0.2 Phishing
2022-09-04 2 natsegal.com/wp-content/plugins/featured-image-from-url/includes/html/js/im (...) Phishing
2022-09-04 2 natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournamen (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (21)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-04 04:42:21 UTC 142.250.74.10
mnemonic passive DNS ocsp.pki.goog (9) 175 2017-06-14 07:23:31 UTC 2022-09-04 04:49:47 UTC 142.250.74.3
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-09-04 07:33:36 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-04 05:49:57 UTC 143.204.55.35
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-04 05:23:53 UTC 93.184.220.29
mnemonic passive DNS c.ndtvimg.com (4) 41803 2018-05-14 10:48:29 UTC 2022-09-02 16:31:41 UTC 23.38.201.26
mnemonic passive DNS www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-09-04 07:33:36 UTC 142.250.74.174
mnemonic passive DNS pagead2.googlesyndication.com (1) 101 2021-02-20 15:52:05 UTC 2022-09-04 08:16:53 UTC 142.250.74.34
mnemonic passive DNS googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-09-04 06:41:11 UTC 142.250.74.66
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-04 05:22:14 UTC 143.204.55.35
mnemonic passive DNS natsegal.com (18) 0 2019-05-30 12:37:34 UTC 2022-09-03 09:45:10 UTC 185.28.21.131 Unknown ranking
mnemonic passive DNS fundingchoicesmessages.google.com (3) 2397 2019-01-16 15:59:52 UTC 2022-09-04 04:52:10 UTC 142.250.74.46
mnemonic passive DNS stats.wp.com (1) 2711 2017-01-30 05:06:59 UTC 2022-09-04 06:14:31 UTC 192.0.76.3
mnemonic passive DNS c0.wp.com (7) 6988 2018-09-24 15:59:05 UTC 2022-09-04 06:40:08 UTC 192.0.77.37
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-04 04:44:39 UTC 34.120.237.76
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-04 04:35:59 UTC 142.250.74.72
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-04 05:16:40 UTC 35.155.157.101
mnemonic passive DNS pixel.wp.com (1) 2545 2017-01-30 05:31:40 UTC 2022-09-04 07:28:30 UTC 192.0.76.3
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-08-29 13:43:22 UTC 2022-09-04 04:35:59 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-04 04:46:21 UTC 23.36.76.226
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-04 04:35:24 UTC 34.117.237.239


Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 185.28.21.131

Date UQ / IDS / BL URL IP
2022-11-27 09:51:14 +0000
0 - 0 - 3 natsegal.com/winqsb-64-bit-windows-7-download/ 185.28.21.131
2022-11-24 01:44:42 +0000
0 - 0 - 6 natsegal.com/exclusive-dominican-republic-exp (...) 185.28.21.131
2022-09-04 09:41:59 +0000
0 - 0 - 14 natsegal.com/assassins-creed-syndicate-gold-e (...) 185.28.21.131

Last 5 reports on ASN: Hostinger International Limited

Date UQ / IDS / BL URL IP
2022-12-02 08:42:27 +0000
0 - 0 - 3 rebootconsult.com/gohbank 141.136.33.233
2022-12-02 05:38:27 +0000
0 - 0 - 45 bakeknow.com/ 31.220.108.5
2022-12-02 04:40:55 +0000
0 - 0 - 2 digitalhandbook.online/ 145.14.152.182
2022-12-02 04:25:57 +0000
0 - 0 - 1 goodsup.link/ 185.212.71.193
2022-12-02 04:17:36 +0000
0 - 0 - 39 b3.bizzy.rocks/ 217.21.69.152

Last 3 reports on domain: natsegal.com

Date UQ / IDS / BL URL IP
2022-11-27 09:51:14 +0000
0 - 0 - 3 natsegal.com/winqsb-64-bit-windows-7-download/ 185.28.21.131
2022-11-24 01:44:42 +0000
0 - 0 - 6 natsegal.com/exclusive-dominican-republic-exp (...) 185.28.21.131
2022-09-04 09:41:59 +0000
0 - 0 - 14 natsegal.com/assassins-creed-syndicate-gold-e (...) 185.28.21.131

No other reports with similar screenshot



JavaScript

Executed Scripts (33)


Executed Evals (1)

#1 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1

                                        (a = 0) => {
    let b;
    const c = class {};
}
                                    

Executed Writes (0)



HTTP Transactions (71)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 04 Sep 2022 08:44:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dbhA_EYmzZAWYVaOZ30F--kqh4BzDElp95s5GOdXWKHD5zwQkEaD3w==
Age: 3465


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            GET /assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/ HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         185.28.21.131
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
date: Sun, 04 Sep 2022 09:41:48 GMT
server: LiteSpeed
location: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
content-security-policy: upgrade-insecure-requests


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11993
Expires: Sun, 04 Sep 2022 13:01:41 GMT
Date: Sun, 04 Sep 2022 09:41:48 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SE73QPtDHy6PtvlvLNsm2_laEesCnyKsxpSU4zmO1WRMACEhaGzc-Q==
age: 30391
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 04 Sep 2022 09:41:48 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 09:38:16 GMT
Cache-Control: max-age=3600
Expires: Sun, 04 Sep 2022 10:00:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZIoagNRlhesVQ3WdC8PGjn12sUTDOIMPcnCIt9RZctE2wM0iIENljA==
Age: 213


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2752
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 09:41:49 GMT
Last-Modified: Sun, 04 Sep 2022 08:55:57 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 09:41:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 09:41:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/newscard/assets/library/bootstrap/css/bootstrap.min.css?ver=4.0.0 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Sun, 14 Aug 2022 16:13:59 GMT
etag: "235bf-62f91f47-c8aa9e1e9cd507eb;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18103
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65325)
Size:   18103
Md5:    af8ede2200562148365498c57f5956c1
Sha1:   c4f6fe212361fd9104462dc9766423e967c06cf2
Sha256: 623eb598b6591c5bcaec690d9bc063c1773df484546a1b1437ade3be5ecebf63
                                        
                                            GET /wp-content/themes/newscard/assets/library/font-awesome/css/font-awesome.css?ver=6.0.2 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Sun, 14 Aug 2022 16:13:59 GMT
etag: "9226-62f91f47-3938e2c5d429421d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6959
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  troff or preprocessor input, ASCII text, with very long lines (372)
Size:   6959
Md5:    cae1a73d8382d7e350917f87da6fd9e9
Sha1:   57115e965f871a963ccff1681ee9a10f5701336f
Sha256: 43fff6b4aef1eb1f770a096c5d35eaffabd2c4390101f149d2a1ec70a8acfa99

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /gtag/js?id=UA-175335834-2 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Sep 2022 09:41:49 GMT
expires: Sun, 04 Sep 2022 09:41:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42868
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1615)
Size:   42868
Md5:    e1a939faaecab52709c3cec6f25da790
Sha1:   e6e70e4dac175b46e6aa51385b2862565c3e77d3
Sha256: 68b25db00f3d694d9991a7284265c3c1c67e03eb087ccb3335f4a0bef6f31ee4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 09:41:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 09:41:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/newscard/style.css?ver=6.0.2 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Sun, 14 Aug 2022 16:13:59 GMT
etag: "1d08d-62f91f47-8c6f23f1557d8b03;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16746
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (630)
Size:   16746
Md5:    0004e642d2fd68ecf28adff4e1d6669b
Sha1:   66880ee2641161505fc6ac88804bf2cff9ffbe2b
Sha256: 6580cc551429f156f028d702a6fa20c26070822a8db5672f946571dc8228077a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Sat, 27 Aug 2022 04:26:32 GMT
etag: "2e7a-63099cf8-8a0f2b7b6071309e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3019
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1577)
Size:   3019
Md5:    0d41b562fe01cd514551650f82a9a7c7
Sha1:   09ba820fe6effbab1e52825d9416e35961505e17
Sha256: c47da64db995614d56f30813af15d996671e992d0663860b4e8c866c5fc069ed

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newscard/assets/library/bootstrap/js/popper.min.js?ver=1.12.9 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Sun, 14 Aug 2022 16:13:59 GMT
etag: "4acc-62f91f47-6a5f36c5ebad02d1;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6588
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19015)
Size:   6588
Md5:    c4cdf4e7cf8898a6106319b46dccb8fe
Sha1:   fa5a1b5c47af4f10291ee7aaa62349b2fae815cd
Sha256: fda68e100512382322534047be4183c79bba7540c99232ebac6ba295e2736aed

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newscard/assets/library/bootstrap/js/bootstrap.min.js?ver=4.0.0 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Sun, 14 Aug 2022 16:13:59 GMT
etag: "bf06-62f91f47-2069029d1b7b41e1;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12363
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (48664)
Size:   12363
Md5:    68e5eee182f25f2ba338793dce9aa704
Sha1:   787654ef1ed154c86b6f1689bc459ff156fdcf64
Sha256: e8631c69fe0b3187a438daf0882cae1198f4ce3503818de28e0ae1ff9be8837d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-min.js?ver=0.7.2 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Sun, 14 Aug 2022 16:13:59 GMT
etag: "d34-62f91f47-bca6a8fa60637bd0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1262
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (521)
Size:   1262
Md5:    ecd38cecbfa85fca4d59096b515fa2d6
Sha1:   bb7f4e1dd59ef7510501701888042900ac844a73
Sha256: 9b46b904c1db03eb81eef5d061a63258224e776d8a5d92df10df595b96bd735b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-settings.js?ver=6.0.2 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Sun, 14 Aug 2022 16:13:59 GMT
etag: "53-62f91f47-c326bcda80c11431;;;"
accept-ranges: bytes
content-length: 83
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   83
Md5:    a95b37cd28903b619c126faa2d7dc7cc
Sha1:   119936440dda02aa16d0c436acce55482a032d5c
Sha256: df409cda6bae37bf3f3a02f19396eb0437670f49210fe6134de95a908c0cafa4
                                        
                                            GET /wp-content/themes/newscard/assets/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Sun, 14 Aug 2022 16:13:59 GMT
etag: "2ad-62f91f47-97d19e49b0f2c5d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 334
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   334
Md5:    ca4869fafc20a3543835b1f9b3ffc737
Sha1:   4e1a1b6dc19c88e4c6496d2832811c7ed90398f6
Sha256: 6d84907acbcc058d8d3b2e823f30b49ccd696cd15a15c19d777762f58f2314e4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newscard/assets/library/sticky/jquery.sticky.js?ver=1.0.4 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Sun, 14 Aug 2022 16:13:59 GMT
etag: "2765-62f91f47-de2194f13021fab;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2391
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2391
Md5:    0a1f9eb5d5a325fd47130f8f99bc4f1e
Sha1:   5c83619b4574fbf0b747f6b102181cb0d62aa551
Sha256: 0929c7adaf16675c35c79a475f09183ba94ee16bdb1eee8c28d2dd1e20883367

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newscard/assets/library/sticky/jquery.sticky-settings.js?ver=6.0.2 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Sun, 14 Aug 2022 16:13:59 GMT
etag: "387-62f91f47-7667b7eb054cf09b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 307
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   307
Md5:    9f3fe4369e94fb875f9c700a6d36589d
Sha1:   50ed52f638860c465b18202208db9535554dcd67
Sha256: a4c2738d2cc9e7e521db178624bfd63c24115116e2680d2f10e632c7cb5d62db

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/newscard/assets/js/scripts.js?ver=6.0.2 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Sun, 14 Aug 2022 16:13:59 GMT
etag: "96c-62f91f47-313bc1775eee7260;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 758
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   758
Md5:    8a015dd1abe34125bf05d95e1ce37237
Sha1:   39be73fdd84dc2ce0ea331d2765cc58e2a0092c6
Sha256: dcf569069c7a3140f4e7f1e062936a4a95b1a58fa2f17daf1c05eb2872601f14

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=54eb31dc971b63b49278 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Sun, 14 Aug 2022 15:34:17 GMT
etag: "939-62f915f9-8f343654be933f45;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 912
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2361), with no line terminators
Size:   912
Md5:    8b4315e17f57d89da9964ad78158c448
Sha1:   26badc6928a8c593587a09421857a01ea6b20e3e
Sha256: 74ca37801b9124bc0f2aaaf955ba81306b7f6655351c8d1a725c615cd92c7a13
                                        
                                            GET /wp-content/plugins/visual-footer-credit-remover/script.js?ver=6.0.2 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Mon, 15 Aug 2022 08:37:29 GMT
etag: "8c-62fa05c9-26bf6ab0fb6471c9;;;"
accept-ranges: bytes
content-length: 140
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   140
Md5:    4db6a12c4cae4e861e57e108c22e9a7a
Sha1:   39f94c1eec113de9a336cdafe32eb211ff18b98e
Sha256: 3a70d4f27e5fd6c8f262ed7531bf2f8e9207b467d0f0c919f16248fe923e7e80

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.0.6 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Mon, 15 Aug 2022 04:26:42 GMT
etag: "ef2-62f9cb02-538bffb1a3af7b67;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 915
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   915
Md5:    1e0b5cd9e2a587692844627a680a5d9a
Sha1:   69af7a439e9b24f7d5a222ceb58424bcac359b84
Sha256: 477cc13205bf540cbdfe306b76d2c1aa1bb33b9b78901f6b5acba77e466694f9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7bHFB9X3LYkCPHWXk7YHog==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.155.157.101
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jG48RqwuHjmvHQvq8/BdxUaBWuU=

                                        
                                            GET /g.gif?v=ext&j=1%3A11.2&blog=182570968&post=0&tz=0&srv=natsegal.com&host=natsegal.com&ref=&fcp=0&rand=0.6611875110558101 HTTP/1.1 
Host: pixel.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.76.3
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 04 Sep 2022 09:41:50 GMT
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 6 x 5\012- data
Size:   50
Md5:    e4d673a55c5656f19ef81563fb10884c
Sha1:   1f2d8ed221d39329251ad3a6ff1edb20b7219443
Sha256: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 09:41:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 09:41:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 310062
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 310062
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /2022-09/hh5lc9io_lusail-stadium-qatar-afp_625x300_03_September_22.jpg?im=FeatureCrop,algorithm=dnn,width=1200,height=675 HTTP/1.1 
Host: c.ndtvimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.201.26
HTTP/2 200 OK
content-type: image/jpeg
                                        
etag: "b17fdb81bcba50b9d69574d6deed039b-1"
last-modified: Sat, 03 Sep 2022 17:07:06 GMT
server: Akamai Image Manager
content-length: 142674
cache-control: private, no-transform, max-age=2532363
expires: Mon, 03 Oct 2022 17:07:53 GMT
date: Sun, 04 Sep 2022 09:41:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPCM), density 118x118, segment length 16, progressive, precision 8, 1200x675, components 3\012- data
Size:   142674
Md5:    d681fb8eb06ace976ba36d0600f44974
Sha1:   6aa178128222704e18f563fff87d0c64133ce0be
Sha256: b88fbfab4cf5ee90ec2918002416e8eca378cb6fcf3df9a2fff32b452551c3b8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 09:41:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /2022-08/ne2e4o_ravindra-jadeja-afp_625x300_28_August_22.jpg?im=FeatureCrop,algorithm=dnn,width=1200,height=675 HTTP/1.1 
Host: c.ndtvimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.201.26
HTTP/2 200 OK
content-type: image/webp
                                        
etag: "586b77b5841c6f180083ea6be15ebba7-1"
last-modified: Sun, 28 Aug 2022 17:53:59 GMT
server: Akamai Image Manager
content-length: 47026
cache-control: private, no-transform, max-age=2016699
expires: Tue, 27 Sep 2022 17:53:29 GMT
date: Sun, 04 Sep 2022 09:41:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x675, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   47026
Md5:    c10dc14996a6720811f249983aeaff00
Sha1:   11e63ba1f5a31bd088164f26731002a9c132a2e9
Sha256: 781c8fcaca25ca0bc9e1d0154b3a143462d1c5ef887f9f2f9d179c6cd53b635f
                                        
                                            GET /2022-06/cn0e94j8_avesh-khan-bcci_625x300_18_June_22.jpg?im=FeatureCrop,algorithm=dnn,width=1200,height=675 HTTP/1.1 
Host: c.ndtvimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.201.26
HTTP/2 200 OK
content-type: image/webp
                                        
etag: "77f0428f17dfe3027dd6e1e758885f17-1"
last-modified: Wed, 27 Jul 2022 02:57:42 GMT
server: Akamai Image Manager
content-length: 77868
cache-control: private, no-transform, max-age=1561807
expires: Thu, 22 Sep 2022 11:31:57 GMT
date: Sun, 04 Sep 2022 09:41:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   77868
Md5:    d79b9065326753b469b69194ed50df30
Sha1:   a9d3aac9da6641d87ede242e2687587da2464a30
Sha256: bdd5018d1745e2d9c3ef9c54e3e3d75808f82182c36f81cdec5e68216fdf2318
                                        
                                            GET /2022-09/2v2dnbk8_bhaichung-bhutia-ani_625x300_03_September_22.jpg HTTP/1.1 
Host: c.ndtvimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.201.26
HTTP/2 200 OK
content-type: image/jpeg
                                        
etag: "3313091e105993972bc561df3ab1bf1b-1"
last-modified: Sat, 03 Sep 2022 12:04:49 GMT
server: Akamai Image Manager
x-serial: 98
x-check-cacheable: YES
content-length: 75203
cache-control: private, no-transform, max-age=2514216
expires: Mon, 03 Oct 2022 12:05:26 GMT
date: Sun, 04 Sep 2022 09:41:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 806x605, components 3\012- data
Size:   75203
Md5:    2e1910fe4f757f660882f592e37ee425
Sha1:   032e76a33ce6a625dbb0d3cf8b1a6349acead287
Sha256: 909e75b3b50ff5514dafe116065e2427fddf0b80db1ec29e2526fcf27eaf5f12
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sun, 04 Sep 2022 08:41:12 GMT
expires: Sun, 04 Sep 2022 10:41:12 GMT
cache-control: public, max-age=7200
age: 3638
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/ HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         185.28.21.131
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.30
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://natsegal.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 974_HTTP.404,974_404,974_URL.646d5bd14cb73c6074bffd1c1eca7e3b,974_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   13564
Md5:    cdb8b057fe590e2dc7592188188d021e
Sha1:   03c41f2ea9a8c5a5c0f67e32e1c8298b1e28cdec
Sha256: 5e7ebccaac057017acba9c80b4b4f0bdbd404fbdc0f2f85b09f477a558ed2d90

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /plugins/ua/linkid.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Sep 2022 09:39:59 GMT
expires: Sun, 04 Sep 2022 10:39:59 GMT
cache-control: public, max-age=3600
age: 111
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1335)
Size:   859
Md5:    904463ce35aee800847ab85ec948aaf6
Sha1:   904e4d2647466c7f7e0f7412019984e3b2ccfb24
Sha256: 057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
                                        
                                            GET /pagead/js/adsbygoogle.js?client=ca-pub-4678666607300105 HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.34
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sun, 04 Sep 2022 09:41:50 GMT
expires: Sun, 04 Sep 2022 09:41:50 GMT
cache-control: private, max-age=3600
etag: 10944204576734046792
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57568
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2897)
Size:   57568
Md5:    62b7ed5cd42fd10d4d688f9337560d61
Sha1:   c132e8d54c4989b22d13bd6334d5b6e72f72a908
Sha256: 764e3b8b42ea95eaa19ca2e6ddcbf5be16539e5cfdb4fe1b35d1d3050a4b128c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 09:41:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/html/r20220831/r20190131/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.66
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4412
x-xss-protection: 0
date: Sat, 03 Sep 2022 20:15:31 GMT
expires: Sat, 17 Sep 2022 20:15:31 GMT
cache-control: public, max-age=1209600
age: 48379
etag: 8616628553774171045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Size:   4412
Md5:    09a8bd805dba1307ae0bd76a0c9ca73d
Sha1:   bdc16e7610abae944da47ff3a0e5fea818241fb0
Sha256: e3978f36e9c5f0b909ed64015db629e2c64b46e75d165c6d1d146fcb792cdbde
                                        
                                            GET /c/6.0.2/wp-includes/css/dist/block-library/style.min.css HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.37
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 04 Sep 2022 09:41:49 GMT
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
content-encoding: br
expires: Mon, 04 Sep 2023 09:41:49 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   11384
Md5:    7ecade2ac9758653230a0f090fa34b7a
Sha1:   79ce225e29cc19d30ec4427b53799c70c5957052
Sha256: 460ec3461faaf5fa6e4c093f3c6938299998ea92c6c5d3c659f19acf9b7f506e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Sep 2022 09:41:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5199
Expires: Sun, 04 Sep 2022 11:08:30 GMT
Date: Sun, 04 Sep 2022 09:41:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5199
Expires: Sun, 04 Sep 2022 11:08:30 GMT
Date: Sun, 04 Sep 2022 09:41:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5199
Expires: Sun, 04 Sep 2022 11:08:30 GMT
Date: Sun, 04 Sep 2022 09:41:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5199
Expires: Sun, 04 Sep 2022 11:08:30 GMT
Date: Sun, 04 Sep 2022 09:41:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5199
Expires: Sun, 04 Sep 2022 11:08:30 GMT
Date: Sun, 04 Sep 2022 09:41:51 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9690
x-amzn-requestid: 614c99f8-116a-4603-bcde-3fbd5bfa14d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wx1HInIAMFiYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c80b-25c09c3227d72395408782f0;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5_jCLvdAC-XR-ax3RUbbx9275KPwACOPtAMxSbmv-aP-Lra4sC5zvw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:51:41 GMT
age: 42610
etag: "babb88202741bbf2d4fd25e0731a4a7a6fcc28f8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9690
Md5:    1bdfdf7e36f78f2f0e4d7ede9fdb76a8
Sha1:   babb88202741bbf2d4fd25e0731a4a7a6fcc28f8
Sha256: 949ea108642789e1014150909060f11d99608f082760d0e868a90282f2768d43
                                        
                                            GET /f/AGSKWxUzs-40yBjTmeiW5ZtJcuyhLZYvY8jojn3BYNvA-xwNENxf4nGzLrFpurqUcCHPbvoZ8ze_1TxnHaM5139nFTM=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYyMjg0NTA3LDYyMzAwMDAwMF0sIjE4MDdBQjYyLTZFQUEtNDYyOS04QzFCLTA4MDZDMEUwQjA5QiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vbmF0c2VnYWwuY29tL2Fzc2Fzc2lucy1jcmVlZC1zeW5kaWNhdGUtZ29sZC1lZGl0aW9uLXYxLTUtY29yZXBhY2stdG91cm5hbWVudC1oYWNrLyIsbnVsbCxbXV0 HTTP/1.1 
Host: fundingchoicesmessages.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 04 Sep 2022 09:41:50 GMT
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'nonce-W7WeD5cMaHHK0GEWAEZsNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   47370
Md5:    12f886b5efadcb42db7cc56210889daa
Sha1:   872c3745aeab7612804bf8c603e1b8ad67edf2ba
Sha256: 89d81a356a7243e7df50827e758d320fd91544fd0b48a5a17ff8e1f8d764fc06
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F074d7790-a0c5-48fe-9814-807d02b9ea17.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8331
x-amzn-requestid: 53b40605-8cb6-4c36-931f-67be541289e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wigGtToAMFscw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7a9-645ce10e6bd850f84fcbf256;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: a0mNmWIp04fLKVgImJIc6CWErbhadUOhXG2XurGRbCgDgjSwz44p0w==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 22:07:28 GMT
age: 41663
etag: "51ca3fc7e7048f035f79c4e425197bc618671b8c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8331
Md5:    2c0d77a2b715f8f2547f11cc5674432b
Sha1:   51ca3fc7e7048f035f79c4e425197bc618671b8c
Sha256: 34cad56ca82b17b5df4c010eecb2c7ea348faec15d33fa4b294c0ed46e2c5de8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11380
x-amzn-requestid: 61f37e21-33a8-49e6-b384-4ca1fcfbffa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8TLFA3oAMFQjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117414-42de5c4128eb9e011d848356;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: s0voKdiDdj0mq8-VRFSWcYcQXaWti7929bpdKSQMWDoVCmOAPepuDg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 03:48:57 GMT
age: 21174
etag: "6ce530af682094dc5413db9de02565691fab4da7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11380
Md5:    fc4ceb10dd9fcaab21ae58dcf10c401f
Sha1:   6ce530af682094dc5413db9de02565691fab4da7
Sha256: 84ad58e126cce2ab6b1568ffe89a116bc1de0310bb72d4530eead2fb8191572c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c475e9b-fa82-4942-8a4a-d6d3f5061558.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10713
x-amzn-requestid: d546a12c-c549-4ad3-80ad-6bad452927d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5winGzHIAMFTPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7aa-2060c6611eb4abb777cc17a8;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rnd2mdQQcKzRP5RAJXmcJUSmO_AnlUgVrkT5tBR38PtfK_bThFBTtg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:47:53 GMT
age: 42838
etag: "383a0661fa09d9b48745b507389d0505303b6182"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10713
Md5:    8cdd0826b7d8be62cc2ed532e04e137b
Sha1:   383a0661fa09d9b48745b507389d0505303b6182
Sha256: f2d04cf1ee9b5a885c246060c1036b21af4ecd3e51e5d05a529dbe0d63f7c2ac
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8688
x-amzn-requestid: 1c5fbc89-8ce8-4792-b713-f2c0ceeab737
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wifFJYoAMFi0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7a9-214311e155c661ff77d89906;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wd9SF3txQNTVUaSPcKQ_nQfPt1pBjFbuHzSZiQjfbGBSb-i7J8Rgjg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:44:29 GMT
age: 43042
etag: "2768253dacaaad6cb498c6b2eb7694208b0ce0a6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8688
Md5:    6bb4b1d74f1443bc3328301ab3ae6464
Sha1:   2768253dacaaad6cb498c6b2eb7694208b0ce0a6
Sha256: 07dcc95dab7757402998a5a61b540c965ce95c8bd51a814a09438981693b563a
                                        
                                            POST /g/collect?v=2&tid=G-2MQSFDYYEL&gtm=2oe8v0&_p=373786373&cid=203948152.1662284507&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662284507&sct=1&seg=0&dl=https%3A%2F%2Fnatsegal.com%2Fassassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack%2F&dt=Page%20not%20found%20-%20Welcome&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://natsegal.com
date: Sun, 04 Sep 2022 09:41:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 18:53:20 GMT
expires: Tue, 29 Aug 2023 18:53:20 GMT
cache-control: public, max-age=31536000
age: 485311
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:36:08 GMT
expires: Fri, 01 Sep 2023 20:36:08 GMT
cache-control: public, max-age=31536000
age: 219943
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size:   128352
Md5:    53436aca8627a49f4deaaa44dc9e3c05
Sha1:   0bc0c675480d94ec7e8609dda6227f88c5d08d2c
Sha256: 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
                                        
                                            POST /el/AGSKWxXaRfzimvYpWErgw10dicep1Hmz6o6W6VQy4fPjkYhT7oxk3lzEIkzaT6RY_HDk4Yh9l3uk7zRIzzSox1FY9YMt_rJv8TMRnnNEwX4oS5otdBKZ9AgnTdQI9dERD3JLgC0GxWJSkQ==?dmid=2e0b881b0e873a7f HTTP/1.1 
Host: fundingchoicesmessages.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 92
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.46
HTTP/2 204 No Content
content-type: text/html; charset=utf-8
                                        
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: POST, GET, OPTIONS
access-control-max-age: 86400
access-control-allow-origin: https://natsegal.com
access-control-allow-credentials: true
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 04 Sep 2022 09:41:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-nG8cVNywZhVaoDlPnItwTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /p/jetpack/11.2/css/jetpack.css HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.37
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 04 Sep 2022 09:41:49 GMT
vary: Accept-Encoding
last-modified: Tue, 19 Jul 2022 17:25:16 GMT
content-encoding: br
expires: Mon, 04 Sep 2023 09:41:49 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.37
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 04 Sep 2022 09:41:49 GMT
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Mon, 04 Sep 2023 09:41:49 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14 HTTP/1.1 
Host: natsegal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/assassins-creed-syndicate-gold-edition-v1-5-corepack-tournament-hack/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.28.21.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=604800
expires: Sun, 11 Sep 2022 09:41:49 GMT
last-modified: Sun, 14 Aug 2022 15:34:17 GMT
etag: "2317-62f915f9-5b06b4528aa690ac;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2887
date: Sun, 04 Sep 2022 09:41:49 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i/ca-pub-4678666607300105?ers=2 HTTP/1.1 
Host: fundingchoicesmessages.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 04 Sep 2022 09:41:50 GMT
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-YP7k5H633oltWxEYAqZDZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.37
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 04 Sep 2022 09:41:49 GMT
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Mon, 04 Sep 2023 09:41:49 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c/6.0.2/wp-includes/js/jquery/jquery.min.js HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.37
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 04 Sep 2022 09:41:49 GMT
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-encoding: br
expires: Mon, 04 Sep 2023 09:41:49 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Roboto%3A100%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&ver=6.0.2 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Sep 2022 09:41:49 GMT
date: Sun, 04 Sep 2022 09:41:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /p/jetpack/11.2/_inc/build/photon/photon.min.js HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.77.37
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 04 Sep 2022 09:41:49 GMT
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Mon, 04 Sep 2023 09:41:49 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.37
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 04 Sep 2022 09:41:49 GMT
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Mon, 04 Sep 2023 09:41:49 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /e-202235.js HTTP/1.1 
Host: stats.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.76.3
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 04 Sep 2022 09:41:49 GMT
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 21 Aug 2023 04:16:22 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2


--- Additional Info ---