natsegal.com/exclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn/
301 Moved Permanently 707 B URL HTTP/1.1 natsegal.com/exclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn/
IP
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /exclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn/ HTTP/1.1
Host: natsegal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 24 Nov 2022 01:44:30 GMT
server: LiteSpeed
location: https://natsegal.com/exclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn/
platform: hostinger
content-security-policy: upgrade-insecure-requests
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7641
Expires: Thu, 24 Nov 2022 03:51:51 GMT
Date: Thu, 24 Nov 2022 01:44:30 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6087
Cache-Control: max-age=124093
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:30 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 12:12:43 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 01:18:53 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1537
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7523
Expires: Thu, 24 Nov 2022 03:49:53 GMT
Date: Thu, 24 Nov 2022 01:44:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YsuAooMJQGV+KvbLZKAIm7C6lk+kg7SSS6DkjM2krAjsFg8m5ZUrCHrVr3uV3NpDaZBANmpMceA=
x-amz-request-id: KR1KWSWV27QQREMM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 01:43:12 GMT
age: 78
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 01:11:11 GMT
cache-control: public,max-age=3600
age: 1999
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1587
Cache-Control: max-age=114529
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:31 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 09:33:20 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e0TMDRGDhE830Daxs83TGA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BBr9Rv9M3+02oiRlzOejdT8fseQ=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
natsegal.com/wp-content/plugins/adfoxly/public/css/adfoxly-public.css?ver=1.7.92
200 OK 1.8 kB URL HTTP/2 natsegal.com/wp-content/plugins/adfoxly/public/css/adfoxly-public.css?ver=1.7.92
IP
ASN #47583 Hostinger International Limited
Hash 676d73fbf59f268e6a0b1be2ee40d6c0
4959c9c10a49288545208da4397fc450bdb89f74
21464a8f1bd5b7a7c571a60964067c5bc2cc51016cd2c1741baa60ee59a6f8af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/adfoxly/public/css/adfoxly-public.css?ver=1.7.92 HTTP/1.1
Host: natsegal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/exclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Fri, 24 Nov 2023 07:44:32 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 06:24:00 GMT
etag: "2b57-63578100-f5660fbafc34f9f8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1794
date: Thu, 24 Nov 2022 01:44:32 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
natsegal.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
200 OK 541 B URL HTTP/2 natsegal.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
IP
ASN #47583 Hostinger International Limited
Hash 8ace2dd592cce5346093d592914e2dcf
10a75d3b6cc0942b6a832c9d4d2fd164e9cc38d7
05fcbe5b4ed2c9b07908d7e0dfb09da4cfd34eec3b812556bbcccda002dd05a6
GET /wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0 HTTP/1.1
Host: natsegal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/exclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Fri, 24 Nov 2023 07:44:32 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2022 14:02:27 GMT
etag: "a99-62f90073-acdeb90053e85f14;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 541
date: Thu, 24 Nov 2022 01:44:32 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 3f702d992a9fb9ec8fdb05e136ed6e2d
2c3e35e5cbf300761a11a0a860df9f2fa624055f
293e1290f42e72f7c7fc9f02eea6049a39d9a3400bab8273f2bd71db0b736d95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5733
Cache-Control: max-age=97829
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:32 GMT
Etag: "637d9140-116"
Expires: Fri, 25 Nov 2022 04:55:01 GMT
Last-Modified: Wed, 23 Nov 2022 03:19:28 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
natsegal.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=6.0.3
200 OK 1.3 kB URL HTTP/2 natsegal.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=6.0.3
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (5501), with no line terminators
Hash 24c8a7a89efcb868aa493ff763991fe7
a8cfe7e7dbdd9cf952ab07cdc78e4af816520e67
fb9057c5fe73d15089f9427c20144d5d44a1d1255d8ac8d148f0276b1d3c5c86
GET /wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=6.0.3 HTTP/1.1
Host: natsegal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/exclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Fri, 24 Nov 2023 07:44:32 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 18:24:17 GMT
etag: "157d-637bc251-56c2862538549086;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1288
date: Thu, 24 Nov 2022 01:44:32 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
natsegal.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=810534ce963cec6bd2e7978db2c935c9
200 OK 4.3 kB URL HTTP/2 natsegal.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=810534ce963cec6bd2e7978db2c935c9
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (37284), with no line terminators
Hash a7f5fa8ebbb743d9c542f6f4aedb24b1
89772c5eebeb36a0f70fc8feea8dae022c2d6cc2
152e77293b996589377650e306c83ed94cdde6fd555607c05069d70e401d1ce8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=810534ce963cec6bd2e7978db2c935c9 HTTP/1.1
Host: natsegal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/exclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Fri, 24 Nov 2023 07:44:32 GMT
content-type: text/css
last-modified: Sun, 09 Oct 2022 08:27:47 GMT
etag: "91a4-63428603-8207491f5f30f36a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4339
date: Thu, 24 Nov 2022 01:44:32 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
natsegal.com/wp-content/themes/Newspaper/style.css?ver=11.3.1
200 OK 23 kB URL HTTP/2 natsegal.com/wp-content/themes/Newspaper/style.css?ver=11.3.1
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (378)
Hash b3475fecf9a6dd388914d5581cae6f98
ef53075e858a76f59a0fe0d4a92ee5921944b0fe
d33c26412a08cdd63a49872904d685b562b2aa1b920934911dba120d797dd28a
GET /wp-content/themes/Newspaper/style.css?ver=11.3.1 HTTP/1.1
Host: natsegal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/exclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Fri, 24 Nov 2023 07:44:32 GMT
content-type: text/css
last-modified: Sun, 09 Oct 2022 08:26:01 GMT
etag: "24645-63428599-2d2117d09b0e62e2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23147
date: Thu, 24 Nov 2022 01:44:32 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
natsegal.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=810534ce963cec6bd2e7978db2c935c9
200 OK 22 kB URL HTTP/2 natsegal.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=810534ce963cec6bd2e7978db2c935c9
IP
ASN #47583 Hostinger International Limited
Hash 9aeb5afe56a0c240121db3f39d7ee71e
2a739e37346bdf3fe50a7b25654510671240abfd
6e8d623ffd18175676e826e4d5e52188ce752fddff8547b7d1f3f0a9e16fefa3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=810534ce963cec6bd2e7978db2c935c9 HTTP/1.1
Host: natsegal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/exclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Fri, 24 Nov 2023 07:44:32 GMT
content-type: text/css
last-modified: Sun, 09 Oct 2022 08:27:49 GMT
etag: "26bd7-63428605-ea5737158d4932fb;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21607
date: Thu, 24 Nov 2022 01:44:32 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/underscore.min.js
200 OK 7.6 kB URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/underscore.min.js
IP
File type ASCII text, with very long lines (18876)
Hash 613298f21135fae87e5163cbdafea458
7b401873cb4488b235bda6d2e2a237755bc58171
92f72dbfd93b059baed58962310659e5cc783267874076a54eaf38da93619999
GET /c/6.0.3/wp-includes/js/underscore.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 27 Apr 2022 14:39:21 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 01:44:32 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
natsegal.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=79f8a1d02f05c15c98a62e68cd419e0b
200 OK 55 kB URL HTTP/2 natsegal.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=79f8a1d02f05c15c98a62e68cd419e0b
IP
ASN #47583 Hostinger International Limited
Hash 9f529bd6bd13707bcec9f911de020046
fd2559f9affd96697128488e15df0f9b12f84692
8b2026cf50c438d5e8df584b8f20c834eea98455c109c57ff1f4bbbaa1c75683
GET /wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=79f8a1d02f05c15c98a62e68cd419e0b HTTP/1.1
Host: natsegal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/exclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Fri, 24 Nov 2023 07:44:32 GMT
content-type: text/css
last-modified: Sun, 09 Oct 2022 08:28:34 GMT
etag: "b2ccc-63428632-566616011697bd8b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 55355
date: Thu, 24 Nov 2022 01:44:32 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
natsegal.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/lib/videopress-token-bridge.js?ver=0.6.3
200 OK 346 B URL HTTP/2 natsegal.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/lib/videopress-token-bridge.js?ver=0.6.3
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (715), with no line terminators
Hash ab1a5d41c4d14677875ac2f164c59c0d
06bc567f02e6e682e64d9b2e7937f14366030285
beee151aee433c273892046d53c90ce498c4ff5b48c6f5a6d9b3b66fe0d3f937
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/lib/videopress-token-bridge.js?ver=0.6.3 HTTP/1.1
Host: natsegal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/exclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Fri, 24 Nov 2023 07:44:32 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 18:24:08 GMT
etag: "2cb-6362b5c8-9d8977e2be36cb9a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 346
date: Thu, 24 Nov 2022 01:44:32 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-175335834-2
200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-175335834-2
IP
File type ASCII text, with very long lines (1921)
Hash 4ed5bbaaf09727c82d05051d1dec2cb5
9c1291e10e387f55fffc4d5507a62095f004778e
81b4a59f9e7ed8c844d3dd86ff88ce6f2af7d316ae8a1656f7796c10b737261b
GET /gtag/js?id=UA-175335834-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 01:44:32 GMT
expires: Thu, 24 Nov 2022 01:44:32 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44656
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
natsegal.com/exclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn/
200 OK 156 kB URL HTTP/2 natsegal.com/exclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn/
IP
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8124), with CRLF, LF line terminators
Size 156 kB (156182 bytes)
Hash 7916089943f37075256945c93b0424dd
cba3b89c6604bcc61dd57688933a36e49677611d
3ad59783431f4f83653871ca5daf7efe43696ec2e9d776247e1ee9bdec84f025
Analyzer Verdict Alert fortinet Phishing
GET /exclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn/ HTTP/1.1
Host: natsegal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.32
content-type: text/html; charset=UTF-8
x-pingback: https://natsegal.com/xmlrpc.php
link: <https://natsegal.com/wp-json/>; rel="https://api.w.org/", <https://natsegal.com/wp-json/wp/v2/posts/19034>; rel="alternate"; type="application/json", <https://natsegal.com/?p=19034>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 974_HTTP.200,974_post,974_URL.5f03dbbcf82985c360711299638b6b5d,974_Po.19034,974_
etag: "80182-1669254271;br"
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 01:44:31 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A400&display=swap&ver=11.3.1
200 OK 58 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A400&display=swap&ver=11.3.1
IP
Hash 80448bd1a3fd341ff5d4f90e6947b7c4
8c28e652b38ee086642d63663d71bc21bd0714d3
f9dcf36fb37180219658b8805fe8a43fbeed570eb8d3cbffde96f4bd355b2a14
GET /css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A400&display=swap&ver=11.3.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 01:44:32 GMT
date: Thu, 24 Nov 2022 01:44:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery-migrate.min.js
200 OK 4.9 kB URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery-migrate.min.js
IP
File type ASCII text, with very long lines (11126)
Hash 9925db7049343a2c3ce3f476a3a96ead
01b368cd5ecfdb98fbefea60c0d1713f2412d6d1
8bae59c7c168c9f3536737a56ecf6857759aee75dbc18371d81f3f328f852444
GET /c/6.0.3/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 01:44:32 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb4ee3082622f9f3340432290d63437e
852ca64934462e133e34043fca561aca215e6255
d4c2f665873baede94309128e276df6fdf7f0e1ec15699e75cd6bae2c24d556a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 22224
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17050
Expires: Thu, 24 Nov 2022 06:28:42 GMT
Date: Thu, 24 Nov 2022 01:44:32 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 41820
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17050
Expires: Thu, 24 Nov 2022 06:28:42 GMT
Date: Thu, 24 Nov 2022 01:44:32 GMT
Connection: keep-alive
c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js
200 OK 4.9 kB URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js
IP
File type ASCII text, with very long lines (685), with no line terminators
Hash 1df24eeb284b51a72f0ff1cabbb19aec
4a50854f41411cc706eda5adbd7acd4a288dc08c
0583c6e408947a90f0b6be89b2c385cd36e07505cb4611dab3672197c399b7a7
GET /p/jetpack/11.5.1/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 01:44:32 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52586ca-ed31-419d-866f-7a7d8c034cc2.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52586ca-ed31-419d-866f-7a7d8c034cc2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcdebbc7d6d2f262afe69e6f2d97d58b
e62b4e08c2813f67fa0f466b4f66d5d4c609526f
decdfd76f2b382026f13ba2cd07fceae8a8964b4157c0f4dcef6bcd061817b61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52586ca-ed31-419d-866f-7a7d8c034cc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6404
x-amzn-requestid: 5a69edc8-b240-4c21-ba0d-dc175b8ff3b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvY6HfnoAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5d2-4fd0613627b92d636337cbad;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wzNSs-zgv7QbI0QdFg7Qa3y_PA_40oy5LjVs_I4P8exfQFdPjvYB4Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:21:37 GMT
age: 66175
etag: "e62b4e08c2813f67fa0f466b4f66d5d4c609526f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 05:42:51 GMT
expires: Fri, 17 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 590501
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:08:16 GMT
age: 12976
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 14200
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 24643
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DYBcunpyI0FBJsJGh1kKpFI3X8kzCkO3mCxzUtWnaMKBT-Bv-zkq3Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:59:18 GMT
age: 13514
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6dee69c-a683-4448-a26a-ed78ea0cb4a0.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6dee69c-a683-4448-a26a-ed78ea0cb4a0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0b88331b5cbc633ee1ae21a77a983e92
acc9dd298e87e1079229d2c958ec088023603974
299e0c024f5209289e27aea403337e05ec7da447e706eee79aae6e982986faee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6dee69c-a683-4448-a26a-ed78ea0cb4a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5553
x-amzn-requestid: 203724f3-e044-4533-ae46-af79c11e5460
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_c6lFucoAMFs7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c7510-4dad6a426642a025759eb363;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 07:06:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRqctghettaL53ADxhP7pd9gib0TsC6RZI8ERQldNYuusuha5qohpg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:15:07 GMT
age: 66565
etag: "acc9dd298e87e1079229d2c958ec088023603974"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZtjzvMh_vqVaOqm8xPfZ2EWGGl0X7Iv8GK40Z32EbKM4wk6tGPnlYA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:27:21 GMT
age: 11831
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.wp.com/g.gif?v=ext&blog=182570968&post=19034&tz=5.5&srv=natsegal.com&j=1%3A11.5.1&host=natsegal.com&ref=&fcp=2448&rand=0.9898624003748125
200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=182570968&post=19034&tz=5.5&srv=natsegal.com&j=1%3A11.5.1&host=natsegal.com&ref=&fcp=2448&rand=0.9898624003748125
IP
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=182570968&post=19034&tz=5.5&srv=natsegal.com&j=1%3A11.5.1&host=natsegal.com&ref=&fcp=2448&rand=0.9898624003748125 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/cdn.cnn.com/cnnnext/dam/assets/221121134042-domincan-republic-entry-gate-dajabon-ouanaminthe-hp-video.jpg?w=696&ssl=1
200 OK 5.5 kB URL HTTP/2 i0.wp.com/cdn.cnn.com/cnnnext/dam/assets/221121134042-domincan-republic-entry-gate-dajabon-ouanaminthe-hp-video.jpg?w=696&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 256x144, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 53646fd7e75d8934aefcb03f4abc37a7
dc26076ada001c0129c919632c55cb09350d7a2d
15e326e958cfc3f6ff596ca0c9be8ee93b92364362458c6c3c638f658e207f3d
GET /cdn.cnn.com/cnnnext/dam/assets/221121134042-domincan-republic-entry-gate-dajabon-ouanaminthe-hp-video.jpg?w=696&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: image/webp
content-length: 5458
last-modified: Tue, 22 Nov 2022 05:05:35 GMT
expires: Thu, 21 Nov 2024 17:05:35 GMT
cache-control: public, max-age=63115200
link: <https://cdn.cnn.com/cnnnext/dam/assets/221121134042-domincan-republic-entry-gate-dajabon-ouanaminthe-hp-video.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "234859ca76ffdd87"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 3f702d992a9fb9ec8fdb05e136ed6e2d
2c3e35e5cbf300761a11a0a860df9f2fa624055f
293e1290f42e72f7c7fc9f02eea6049a39d9a3400bab8273f2bd71db0b736d95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5733
Cache-Control: max-age=97829
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:32 GMT
Etag: "637d9140-116"
Expires: Fri, 25 Nov 2022 04:55:01 GMT
Last-Modified: Wed, 23 Nov 2022 03:19:28 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
platform.foremedia.net/code/29173/footer_float
200 OK 4.7 kB URL HTTP/2 platform.foremedia.net/code/29173/footer_float
IP
File type ASCII text, with very long lines (1072), with no line terminators
Hash cc097d59b096626792dd8ac736c30f77
a3ec2a0b645f703fa6e24b108a61a1bb769e2636
671163c33f9832e128967b4d1b51f38edbd28bf341b741f884b25fc0c0924efa
GET /code/29173/footer_float HTTP/1.1
Host: platform.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 01:44:33 GMT
content-type: application/javascript
set-cookie: DO-LB="MTAuMTM2LjAuNTo0NDM="; Max-Age=300; Path=/; HttpOnly; SameSite=Lax
cache-control: private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQOg3j0G8ZIXvsElzPdpowiNapMowNo5eF%2BvenoIEcPlWS%2BhKuZxRuDO4trSHzrMzZTqS9EM%2Bi4pXMSqqp8gamARGvInWM1fMoNdJxq5Pz3GK1b0UMtq7KWmNyWb4s3VB7AxqYVbDJCV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ee75c16d55b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b2b92f1110c82662bfa1addc9bab3130
d6f86300cbfd5b21b3d505c08ffd6edef34b654a
6914944644172d563d0d7c2a5084690fce86ead13949ff29f42842d4bb6e0734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 00:41:08 GMT
expires: Thu, 24 Nov 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 3805
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.foremedia.net/code/29173/analytics
200 OK 50 kB URL HTTP/2 platform.foremedia.net/code/29173/analytics
IP
File type ASCII text, with very long lines (1012), with no line terminators
Hash 76dbe37f31178fa717a253c99494ff88
626ad65b0eb60850eea05b89e528d05272304bf2
995a7a7582a5072098fd4276094d74e3c211cf52d4c86be035f7104e4c5ba7c9
GET /code/29173/analytics HTTP/1.1
Host: platform.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 01:44:33 GMT
content-type: application/javascript
set-cookie: DO-LB="MTAuMTM2LjAuOTo0NDM="; Max-Age=300; Path=/; HttpOnly; SameSite=Lax
cache-control: private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5IGwX8GwDJVFBMNmmLwZgqqQRYv12ZKOGqsBr9PxcKa8IFCJ4WJg%2Fn2ESvuvHnpsKktKYVZCqYe621nimFTAPyMRHa4tAT7aNASBh7g4SvZ%2BVEotKEHguGgzgrheAe33crkjQ2Un4yd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ee75c15d4fb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/_inc/build/sharedaddy/sharing.min.js
200 OK 2.6 kB URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/_inc/build/sharedaddy/sharing.min.js
IP
File type ASCII text, with very long lines (8517), with no line terminators
Hash 5cc9c73707dc9bab52fa27193ef4e0dc
7b968672ead8537c5091760057a1e5e0ed840cb2
10b3335aa57a417602a44a1eb2018165e1960b8a3b3bc7954432bd5b9f365b22
GET /p/jetpack/11.5.1/_inc/build/sharedaddy/sharing.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 31 May 2022 10:02:49 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 01:44:32 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b2b92f1110c82662bfa1addc9bab3130
d6f86300cbfd5b21b3d505c08ffd6edef34b654a
6914944644172d563d0d7c2a5084690fce86ead13949ff29f42842d4bb6e0734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Wed, 23 Nov 2022 10:25:42 GMT
expires: Wed, 07 Dec 2022 10:25:42 GMT
cache-control: public, max-age=1209600
age: 55131
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.foremedia.net/tag/display.js
200 OK 6.2 kB URL HTTP/2 static.foremedia.net/tag/display.js
IP
File type ASCII text, with very long lines (18413)
Hash 76a700afd82e4b5255203e3868e457dc
9c6d7ac5f372357ccaf6b4d9c7c2fa5c574c3fd4
693f76ac6ab36441ce21737938829309c574bbf7c495cda89e4a450864fb4042
GET /tag/display.js HTTP/1.1
Host: static.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 01:44:33 GMT
content-encoding: gzip
content-length: 6229
content-type: application/javascript
last-modified: Wed, 02 Dec 2020 13:38:43 GMT
accept-ranges: bytes
server: nginx
etag: W/"5fc798e3-481a"
cache-control: max-age=86400
x-hw: 1669254273.cds243.sk1.hn,1669254273.cds237.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-2MQSFDYYEL>m=2oeb90&_p=454325141&cid=1873619729.1669254273&ul=en-us&sr=1280x1024&_s=1&sid=1669254272&sct=1&seg=0&dl=https%3A%2F%2Fnatsegal.com%2Fexclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn%2F&dt=Exclusive%3A%20Dominican%20Republic%20expelled%20hundreds%20of%20children%20to%20Haiti%20without%20their%20families%20this%20year%20%7C%20CNN%20Smore%20Newsletter&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-2MQSFDYYEL>m=2oeb90&_p=454325141&cid=1873619729.1669254273&ul=en-us&sr=1280x1024&_s=1&sid=1669254272&sct=1&seg=0&dl=https%3A%2F%2Fnatsegal.com%2Fexclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn%2F&dt=Exclusive%3A%20Dominican%20Republic%20expelled%20hundreds%20of%20children%20to%20Haiti%20without%20their%20families%20this%20year%20%7C%20CNN%20Smore%20Newsletter&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-2MQSFDYYEL>m=2oeb90&_p=454325141&cid=1873619729.1669254273&ul=en-us&sr=1280x1024&_s=1&sid=1669254272&sct=1&seg=0&dl=https%3A%2F%2Fnatsegal.com%2Fexclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn%2F&dt=Exclusive%3A%20Dominican%20Republic%20expelled%20hundreds%20of%20children%20to%20Haiti%20without%20their%20families%20this%20year%20%7C%20CNN%20Smore%20Newsletter&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://natsegal.com
date: Thu, 24 Nov 2022 01:44:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c04aed338f8610ba6b0acc4ab749c52e
9cce76bf45ca7cb7e101d6c5c8013ecc83f188a4
4d4e0d35a6f2357ff749b146e4f0fdff7f5f8631b3e6efee952f5c82fb256fbd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.foremedia.net/code/29173/c1
200 OK 103 B URL HTTP/2 platform.foremedia.net/code/29173/c1
IP
Hash e2cf49df3bc875404bb345834c2be775
708b32fe9f43935b4925f20b6ad79db845487f73
959a563db6452b17cf739992c528ca7c1b89c43523b6c2b68b0b15469de45860
GET /code/29173/c1 HTTP/1.1
Host: platform.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: text/html; charset=UTF-8
set-cookie: DO-LB="MTAuMTM2LjAuOTo0NDM="; Max-Age=300; Path=/; HttpOnly; SameSite=Lax
cache-control: private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jvl2A170H3snCN39ekL4x9SEJsItv%2Bd7TlNbKAEB8yshXlbI5y87K%2B%2FXVfpcfMET6cpCEpcms0pmXiuRM4sKHtydSTKRNCIzk3h9iuCErydpl8jwsbCtGDNWKoOwuLVp%2FbFBJgUCQXet"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ee75c16d56b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=natsegal.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=natsegal.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=natsegal.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 24 Nov 2022 01:44:33 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8069f5e67c25fc0b7388ba5d4decd8c9
64a85ba44c80ea206f4382f573c3d61e4f607ccf
7587cd04333ddf1cff15ae219cb8fca0618786a9fe4cee989975f4d50889e72a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 942e48a42959a84a8fb01744fd2caf86
a3659e206ba81e8549afa2d9138060148883ba90
7b84fbd99ebee52b8eb3b3d506ffc4ff9d15bd2bd211fc4003a20fe3ef171501
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=natsegal.com&callback=_gfp_s_&client=ca-pub-4678666607300105&gpid_exp=1
200 OK 253 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=natsegal.com&callback=_gfp_s_&client=ca-pub-4678666607300105&gpid_exp=1
IP
File type ASCII text, with very long lines (391), with no line terminators
Hash 2c0a7edc26c829c74898bc36ad86f128
5efb1abe96a28899c4774c8d730377a79ec21b97
db9594bd27ef8ed8b25bac91606657dc0352b2d44b254372d55aeb37316b0589
GET /gampad/cookie.js?domain=natsegal.com&callback=_gfp_s_&client=ca-pub-4678666607300105&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 24 Nov 2022 01:44:34 GMT
server: cafe
cache-control: private
content-length: 253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 942e48a42959a84a8fb01744fd2caf86
a3659e206ba81e8549afa2d9138060148883ba90
7b84fbd99ebee52b8eb3b3d506ffc4ff9d15bd2bd211fc4003a20fe3ef171501
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 471 B IP
Hash 46723048050d7d3454787ff8e0c24e89
ca5b7ad8e96db4a7e361c2a3211654c18d3095dd
c492b86ced6e8495a937b27d3a3da319c5161242e937fd92dbddab7997a2f855
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:44:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 18:13:37 GMT
Expires: Mon, 28 Nov 2022 18:13:36 GMT
Etag: "ca5b7ad8e96db4a7e361c2a3211654c18d3095dd"
Cache-Control: max-age=404341,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ee75cd8c9bfab8-OSL
check.fraudscore.ai/?key=c812ee97d5a1de1821e9324476591e50&source=natsegal.com&affiliate_name=natsegal.com&aff_sub1=https%3A%2F%2Fnatsegal.com%2Fexclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn%2F&
200 OK 533 B URL HTTP/1.1 check.fraudscore.ai/?key=c812ee97d5a1de1821e9324476591e50&source=natsegal.com&affiliate_name=natsegal.com&aff_sub1=https%3A%2F%2Fnatsegal.com%2Fexclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn%2F&
IP
Hash 72a0dfdad61543aaa712027be8942f21
6c1727926ffa4cc4cc567e351399ac3fc913f9b7
f90cb9fb326064db92242483f2638f073165b063b6d0a484e880f024cb89d415
POST /?key=c812ee97d5a1de1821e9324476591e50&source=natsegal.com&affiliate_name=natsegal.com&aff_sub1=https%3A%2F%2Fnatsegal.com%2Fexclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn%2F& HTTP/1.1
Host: check.fraudscore.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 24 Nov 2022 01:44:34 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140166&size=300x600&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=95098716
200 OK 688 B URL HTTP/1.1 cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140166&size=300x600&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=95098716
IP
ASN #36057 WEBAIR-INTERNET-MTL
Hash 4186985943b914cf05e1e5cac26d0474
014a19f7d1f95c62f91b422fef66cb2e23558af9
d191a67a528e475a5564cf1b2dca2268cbae0f8b9279b3ffc098cd120c5d1486
GET /tag?ad_type=json&ver=2.0&zone_id=140166&size=300x600&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=95098716 HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 01:44:35 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 263
Connection: close
Access-Control-Allow-Origin: https://natsegal.com
Vary: Origin
Access-Control-Allow-Credentials: true
cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140145&size=728x90&vw=1&it=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=2170905
200 OK 722 B URL HTTP/1.1 cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140145&size=728x90&vw=1&it=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=2170905
IP
ASN #36057 WEBAIR-INTERNET-MTL
Hash afdd588ebf5c875962909c17987fe68c
25666d5b2e463182b32f40111ad7d6dadbd4cf27
aab828713ce804a640087a4349f822150cca7c852225844edd0512262ada90de
GET /tag?ad_type=json&ver=2.0&zone_id=140145&size=728x90&vw=1&it=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=2170905 HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 01:44:35 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 311
Connection: close
Access-Control-Allow-Origin: https://natsegal.com
Vary: Origin
Access-Control-Allow-Credentials: true
ocsp.digicert.com/
200 OK 279 B IP
Hash b72d3be4aa75e6dbcc763acdeb20e012
7a6fa6406a490f28a12bf50254e0bc94472ba9fc
f0cc86c332e3d0de9c1fda4e35f828ca418ea17b812be3161a0826429a01281a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=135287
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:35 GMT
Etag: "637e39fa-117"
Expires: Fri, 25 Nov 2022 15:19:22 GMT
Last-Modified: Wed, 23 Nov 2022 15:19:22 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash b72d3be4aa75e6dbcc763acdeb20e012
7a6fa6406a490f28a12bf50254e0bc94472ba9fc
f0cc86c332e3d0de9c1fda4e35f828ca418ea17b812be3161a0826429a01281a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=135287
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:35 GMT
Etag: "637e39fa-117"
Expires: Fri, 25 Nov 2022 15:19:22 GMT
Last-Modified: Wed, 23 Nov 2022 15:19:22 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
static.foremedia.net/n843/ad/728x90_tKluwbYB.jpg
200 OK 8.7 kB URL HTTP/2 static.foremedia.net/n843/ad/728x90_tKluwbYB.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 318x90, components 3\012- data
Hash b65f46337d820ee5db9ff3d275cba0d1
11f92e8f64a1f4d96b493db62a14116cbc0c6332
bff1e8506d7d8c2ad4b6dd8b510bc5acf9fafc34e564889632b798288d681338
GET /n843/ad/728x90_tKluwbYB.jpg HTTP/1.1
Host: static.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 01:44:35 GMT
content-length: 8690
content-type: image/jpeg
last-modified: Sun, 21 Aug 2022 13:42:43 GMT
accept-ranges: bytes
server: nginx
etag: "63023653-21f2"
cache-control: max-age=86400
x-hw: 1669254275.cds243.sk1.hn,1669254275.cds260.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140146&size=300x250&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=51378948
200 OK 313 B URL HTTP/1.1 cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140146&size=300x250&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=51378948
IP
ASN #36057 WEBAIR-INTERNET-MTL
File type JSON data\012- HTML document, ASCII text, with very long lines (313), with no line terminators
Hash 209ee0cef3e2e2b6da737790c800013b
993535b7b07f005424598183492a90fdf0b00a17
6a3c52a6a40b459d4c95b60e365089f020a227e4e2e16358dd97a097297850a0
GET /tag?ad_type=json&ver=2.0&zone_id=140146&size=300x250&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=51378948 HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 01:44:35 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 313
Connection: close
Access-Control-Allow-Origin: https://natsegal.com
Vary: Origin
Access-Control-Allow-Credentials: true
static.foremedia.net/n843/ad/300x250_0A8K0HI2.jpg
200 OK 11 kB URL HTTP/2 static.foremedia.net/n843/ad/300x250_0A8K0HI2.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x250, components 3\012- data
Hash 4bb8e75636a3666d8828f8c159f9c729
7db02387ed3cbff22618febb800f67fce6c163d8
8bd416a436bfe5137bce25354050de379bf15e256b8de4a616f8a75fcf615eb1
GET /n843/ad/300x250_0A8K0HI2.jpg HTTP/1.1
Host: static.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 01:44:35 GMT
content-length: 11165
content-type: image/jpeg
last-modified: Sun, 21 Aug 2022 13:42:43 GMT
accept-ranges: bytes
server: nginx
etag: "63023653-2b9d"
cache-control: max-age=86400
x-hw: 1669254275.cds243.sk1.hn,1669254275.cds203.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
foremedianative.com/js/native/native.js
200 OK 17 kB URL HTTP/2 foremedianative.com/js/native/native.js
IP
File type ASCII text, with very long lines (49316), with no line terminators
Hash 2dcd8831fd83b57d55682031840fe53d
93c98dc22c98361bbbd4c7492b9de0f26bd85ed9
e63b228f61015af1bb7a96779e7fa7a008c1efb8874d147fe4cbef896cf9f30e
GET /js/native/native.js HTTP/1.1
Host: foremedianative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 01:44:35 GMT
content-type: application/javascript
last-modified: Tue, 17 May 2022 18:03:00 GMT
etag: W/"c0a4-5df38f38be6c0-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 304
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAM7cLPCc0FFEm4K3exwfbLGBdJtvr31nQOyrk7WCniIlWocyxKALAUJSinVgsV3juGHwdEA0CDD%2FEjB1qf7emmFpDKsHGEhPcsLEaIix5356HvxsJJffM9vgQV9S%2FsuEXD5RYzo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ee75d6be0b0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140145&size=728x90&vw=1&it=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=65148802
200 OK 852 B URL HTTP/1.1 cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140145&size=728x90&vw=1&it=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=65148802
IP
ASN #36057 WEBAIR-INTERNET-MTL
Hash 6f7b2b7d0b1fb94700e6a9d88745a755
2489d2112d643940fd758c6648f7088f54ca5a3b
ba819789c3be7f7ba7a24a8dfc508af412fa4a6c71084c0d41586774dd8f5501
GET /tag?ad_type=json&ver=2.0&zone_id=140145&size=728x90&vw=1&it=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=65148802 HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 01:44:35 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 311
Connection: close
Access-Control-Allow-Origin: https://natsegal.com
Vary: Origin
Access-Control-Allow-Credentials: true
cpm.foremedia.net/win?i=w3SosVflUW0_0&f=imp
200 OK 42 B URL HTTP/1.1 cpm.foremedia.net/win?i=w3SosVflUW0_0&f=imp
IP
ASN #36057 WEBAIR-INTERNET-MTL
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /win?i=w3SosVflUW0_0&f=imp HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 01:44:35 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
static.foremedia.net/n843/ad/728x90_Wfw7yvAn.png
200 OK 182 kB URL HTTP/2 static.foremedia.net/n843/ad/728x90_Wfw7yvAn.png
IP
File type PNG image data, 711 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size 182 kB (181583 bytes)
Hash 10dcaf12409bb49a96e658c4d9fbbd2b
19c733dd3b4fc3c0fd3ddfb1e46203baad4a4edb
3cc74e8ef549b26d799714241bf6454d46891501fb2435d84ff61c2508da0a9d
GET /n843/ad/728x90_Wfw7yvAn.png HTTP/1.1
Host: static.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 01:44:35 GMT
content-length: 181583
content-type: image/png
last-modified: Sun, 21 Aug 2022 13:26:40 GMT
accept-ranges: bytes
server: nginx
etag: "63023290-2c54f"
cache-control: max-age=86400
x-hw: 1669254275.cds243.sk1.hn,1669254275.cds232.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cpm.foremedia.net/win?i=MtJmYehHEEI_0&f=imp
200 OK 42 B URL HTTP/1.1 cpm.foremedia.net/win?i=MtJmYehHEEI_0&f=imp
IP
ASN #36057 WEBAIR-INTERNET-MTL
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /win?i=MtJmYehHEEI_0&f=imp HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 01:44:35 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
media.cnn.com/api/v1/images/stellar/prod/221123143925-mike-pence-town-hall-file-111622.jpg?c=16x9&q=w_800,c_fill
200 OK 49 kB URL HTTP/2 media.cnn.com/api/v1/images/stellar/prod/221123143925-mike-pence-town-hall-file-111622.jpg?c=16x9&q=w_800,c_fill
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 200x200, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash 02353731fe4fcd2b682c850eb20bc408
b3ead63fc7aea60092933b8032e685bae0bf0660
7a967fef49df5a9012d3510440a6dac1f9577ed2f63986d0cc7c504c63637864
GET /api/v1/images/stellar/prod/221123143925-mike-pence-town-hall-file-111622.jpg?c=16x9&q=w_800,c_fill HTTP/1.1
Host: media.cnn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Cookie: countryCode=NO; stateCode=03; geoData=oslo|03|0168|NO|EU|100|broadband|59.930|10.730
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=604800
accept-ranges: bytes
date: Thu, 24 Nov 2022 01:44:36 GMT
age: 20705
set-cookie: countryCode=NO; Domain=.cnn.com; Path=/; SameSite=None; Secure
stateCode=03; Domain=.cnn.com; Path=/; SameSite=None; Secure
geoData=oslo|03|0168|NO|EU|100|broadband|59.930|10.730; Domain=.cnn.com; Path=/; SameSite=None; Secure
x-served-by: cache-iad-kiad7000022-IAD, cache-bma1627-BMA
x-cache: HIT, HIT
x-cache-hits: 153, 2
x-timer: S1669254276.072801,VS0,VE0
content-length: 49123
X-Firefox-Spdy: h2
media.cnn.com/api/v1/images/stellar/prod/200213150327-pentagon-building-aerial-file.jpg?q=x_3,y_319,h_1684,w_2993,c_crop/w_800
200 OK 132 kB URL HTTP/2 media.cnn.com/api/v1/images/stellar/prod/200213150327-pentagon-building-aerial-file.jpg?q=x_3,y_319,h_1684,w_2993,c_crop/w_800
IP
Size 132 kB (131732 bytes)
Hash 158147d4cd4c234e42b96a1f433bd119
7b5e2fc16f321180f4058c3a1aaaf23af67d089a
cfdb503e45e20bd6743ad22753a1009fbdc446dc4c31e5b0ff1e544df393de89
GET /api/v1/images/stellar/prod/200213150327-pentagon-building-aerial-file.jpg?q=x_3,y_319,h_1684,w_2993,c_crop/w_800 HTTP/1.1
Host: media.cnn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Cookie: countryCode=NO; stateCode=03; geoData=oslo|03|0168|NO|EU|100|broadband|59.930|10.730
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=604800
accept-ranges: bytes
date: Thu, 24 Nov 2022 01:44:36 GMT
age: 66846
set-cookie: countryCode=NO; Domain=.cnn.com; Path=/; SameSite=None; Secure
stateCode=03; Domain=.cnn.com; Path=/; SameSite=None; Secure
geoData=oslo|03|0168|NO|EU|100|broadband|59.930|10.730; Domain=.cnn.com; Path=/; SameSite=None; Secure
x-served-by: cache-iad-kjyo7100179-IAD, cache-bma1627-BMA
x-cache: HIT, HIT
x-cache-hits: 485, 1
x-timer: S1669254276.071602,VS0,VE2
content-length: 131343
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 65f8628375266ab84f69811f0e2df9de
b5c2c20773aed08ca6d1cdafcb3a7d81de9ff2c5
9905f12579348b97dbb8c18fe47dad9c84839ad6092f7406f9c5cb2be6447043
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:44:36 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 27 Nov 2022 22:47:01 GMT
ETag: "b5c2c20773aed08ca6d1cdafcb3a7d81de9ff2c5"
Last-Modified: Wed, 23 Nov 2022 22:47:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3147
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ee75d9a8f7b4f9-OSL
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 65f8628375266ab84f69811f0e2df9de
b5c2c20773aed08ca6d1cdafcb3a7d81de9ff2c5
9905f12579348b97dbb8c18fe47dad9c84839ad6092f7406f9c5cb2be6447043
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:44:36 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 27 Nov 2022 22:47:01 GMT
ETag: "b5c2c20773aed08ca6d1cdafcb3a7d81de9ff2c5"
Last-Modified: Wed, 23 Nov 2022 22:47:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3147
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ee75d9c907b4f9-OSL
cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140146&size=300x250&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=10514633
200 OK 313 B URL HTTP/1.1 cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140146&size=300x250&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=10514633
IP
ASN #36057 WEBAIR-INTERNET-MTL
File type JSON data\012- HTML document, ASCII text, with very long lines (313), with no line terminators
Hash dbff3e4022e03aae7a6be063a13b0329
228e0b346d3ef617e3aea511454571da6d63ec58
bb5e1bcb7c438e8996fe55977e43a6923db683ee5c763dc3a16f45513e821a21
GET /tag?ad_type=json&ver=2.0&zone_id=140146&size=300x250&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=10514633 HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 01:44:36 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 313
Connection: close
Access-Control-Allow-Origin: https://natsegal.com
Vary: Origin
Access-Control-Allow-Credentials: true
cdn.cnn.com/cnnnext/dam/assets/221123090145-06-virginia-walmart-shooting-1123-hp-video.jpg
200 OK 11 kB URL HTTP/2 cdn.cnn.com/cnnnext/dam/assets/221123090145-06-virginia-walmart-shooting-1123-hp-video.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=11, description=Law enforcement work the scene of a mass shooting at a Walmart, Wednesday, Nov. 23, 2022, in Chesapeake, Va. The store was bus, manufacturer=SONY, model=ILCE-9M2, xresolution=424, yresolution=432, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 12.0.1 (Macintosh), datetime=2022-11-23T14:00:11-05:00], baseline, precision 8, 256x144, components 3\012- data
Hash cade9bb05ec58f7051f5cff1cd9f4e78
bad8367d5cb96a30d82ec1ea4aba3771c37a121b
84ad284fbb16d552cc8331dc56a39c30622213fa3d3dd86054d5ae68df63041b
GET /cnnnext/dam/assets/221123090145-06-virginia-walmart-shooting-1123-hp-video.jpg HTTP/1.1
Host: cdn.cnn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Cookie: countryCode=NO; stateCode=03; geoData=oslo|03|0168|NO|EU|100|broadband|59.930|10.730
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 11397
server: Apache-Coyote/1.1
cache-control: max-age=3600
expires: Thu, 24 Nov 2022 02:44:36 GMT
date: Thu, 24 Nov 2022 01:44:36 GMT
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash f7409ea2477564307bad887d38980052
d3bda04bee0090dca92ae93c118cfc1e599d209f
33e7fffa22bd6a55cb76dd3a0a9c837171d7a71225002e9076973f4fcda75b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:36 GMT
Etag: "637db72a-118"
Server: ECS (amb/6BA8)
Content-Length: 280
mindbodygreen-res.cloudinary.com/image/upload/c_crop,x_0,y_66,w_1120,h_629/c_fill,w_700,h_400,g_auto,q_85,fl_lossy,f_jpg/org/mevcszynclau45tm4.png
200 OK 25 kB URL HTTP/2 mindbodygreen-res.cloudinary.com/image/upload/c_crop,x_0,y_66,w_1120,h_629/c_fill,w_700,h_400,g_auto,q_85,fl_lossy,f_jpg/org/mevcszynclau45tm4.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 118x118, segment length 16, baseline, precision 8, 700x400, components 3\012- data
Hash df103bcc8b289175c1a0535fc5c54d6d
3e9cd25646693859081e03595c63ac21c9392eb2
af0f0ce0903d67038ff70c5bec30bba62305a328591015479cd0aa935fc5488b
GET /image/upload/c_crop,x_0,y_66,w_1120,h_629/c_fill,w_700,h_400,g_auto,q_85,fl_lossy,f_jpg/org/mevcszynclau45tm4.png HTTP/1.1
Host: mindbodygreen-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
etag: "df103bcc8b289175c1a0535fc5c54d6d"
last-modified: Thu, 24 Nov 2022 00:35:08 GMT
content-length: 25348
date: Thu, 24 Nov 2022 01:44:36 GMT
cache-control: public, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: akam;dur=28;start=2022-11-24T01:44:36.153Z;desc=miss,rtt;dur=2,cloudinary;dur=51;start=2022-11-24T00:38:52.475Z
X-Firefox-Spdy: h2
static.foremedia.net/n843/ad/300x250_hXWqXvG6.gif
200 OK 191 kB URL HTTP/2 static.foremedia.net/n843/ad/300x250_hXWqXvG6.gif
IP
File type GIF image data, version 89a, 800 x 800\012- data
Size 191 kB (190894 bytes)
Hash c3cfd86cffe773e0958977505365f8f5
18730eaa58d0c5117798d12319615c372ff11c0c
9513997dfec3937691a32b915fa11efddc09d153d1806a93dd4fe9310a871df0
GET /n843/ad/300x250_hXWqXvG6.gif HTTP/1.1
Host: static.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 01:44:36 GMT
content-length: 190894
content-type: image/gif
last-modified: Sun, 21 Aug 2022 13:21:24 GMT
accept-ranges: bytes
server: nginx
etag: "63023154-2e9ae"
cache-control: max-age=86400
x-hw: 1669254276.cds243.sk1.hn,1669254276.cds257.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
c.ndtvimg.com/2022-05/fqes6ndg_vicky-kaushal_625x300_11_May_22.jpg?im=FaceCrop,algorithm=dnn,width=1200,height=675
200 OK 32 kB URL HTTP/2 c.ndtvimg.com/2022-05/fqes6ndg_vicky-kaushal_625x300_11_May_22.jpg?im=FaceCrop,algorithm=dnn,width=1200,height=675
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x675, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6463d47508916ff9249f2d28b81913a8
12c98b661bdc786c4b55c5c48825b0e0a01e4a01
73146d519801f15687c7679f37d4d9b7d8164d839cd00e9b27f95de27b7002ed
GET /2022-05/fqes6ndg_vicky-kaushal_625x300_11_May_22.jpg?im=FaceCrop,algorithm=dnn,width=1200,height=675 HTTP/1.1
Host: c.ndtvimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "fbdcc6a79a9e2eb95bc83f0c030e62b0-1"
last-modified: Wed, 23 Nov 2022 12:44:28 GMT
server: Akamai Image Manager
x-serial: 1003
x-check-cacheable: YES
content-length: 32116
content-type: image/webp
cache-control: private, no-transform, max-age=232550
expires: Sat, 26 Nov 2022 18:20:26 GMT
date: Thu, 24 Nov 2022 01:44:36 GMT
X-Firefox-Spdy: h2
cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140146&size=300x250&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=42734893
200 OK 725 B URL HTTP/1.1 cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140146&size=300x250&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=42734893
IP
ASN #36057 WEBAIR-INTERNET-MTL
Hash fb39e167c05b56d8edf8ec5b7bf835c0
d971ecdcaac91de993f3cebe5d67d7f1f8bdbeb0
54b03af96dbe2c97400c6164036838c43e327dda4c45b261737d566453d16fc0
GET /tag?ad_type=json&ver=2.0&zone_id=140146&size=300x250&vw=0&j=pu%3Dnatsegal.com%26if%3D0&rnd=42734893 HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 01:44:36 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 313
Connection: close
Access-Control-Allow-Origin: https://natsegal.com
Vary: Origin
Access-Control-Allow-Credentials: true
c.ndtvimg.com/2022-11/d552hha_kitchen_625x300_23_November_22.jpg?im=FaceCrop,algorithm=dnn,width=1200,height=675
200 OK 52 kB URL HTTP/2 c.ndtvimg.com/2022-11/d552hha_kitchen_625x300_23_November_22.jpg?im=FaceCrop,algorithm=dnn,width=1200,height=675
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x675, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6b5eb562675e3fc61f7ee4fbcb1de493
3cf153573ae0ee5fe17c08cdeb28f81cfb6fa2d1
5a49f08204730246bfc43035224006e81df5a2f7782ec3bf64fe1ffc875ba743
GET /2022-11/d552hha_kitchen_625x300_23_November_22.jpg?im=FaceCrop,algorithm=dnn,width=1200,height=675 HTTP/1.1
Host: c.ndtvimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "9f218b0c60c426a649b86e80f69fe663-1"
last-modified: Wed, 23 Nov 2022 12:59:32 GMT
server: Akamai Image Manager
content-length: 51954
content-type: image/webp
cache-control: private, no-transform, max-age=2546133
expires: Fri, 23 Dec 2022 13:00:09 GMT
date: Thu, 24 Nov 2022 01:44:36 GMT
X-Firefox-Spdy: h2
c.ndtvimg.com/2022-11/3b37goh8_dhaba-1986_625x300_23_November_22.jpeg?im=FaceCrop,algorithm=dnn,width=1200,height=675
200 OK 68 kB URL HTTP/2 c.ndtvimg.com/2022-11/3b37goh8_dhaba-1986_625x300_23_November_22.jpeg?im=FaceCrop,algorithm=dnn,width=1200,height=675
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x675, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4b027a82ca1044c6886fbefb5e02190b
72dc84f3c54fc40a21648a5b8bea0f81e8455bab
3400b1f7e533f1ec8bb171283be4bb158db26942ebb0f4c370cb3dcb6c69e04f
GET /2022-11/3b37goh8_dhaba-1986_625x300_23_November_22.jpeg?im=FaceCrop,algorithm=dnn,width=1200,height=675 HTTP/1.1
Host: c.ndtvimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "e46c9feba1677091b01fbc34e2ee8842-1"
last-modified: Wed, 23 Nov 2022 11:55:22 GMT
server: Akamai Image Manager
content-length: 68168
content-type: image/webp
cache-control: private, no-transform, max-age=2542159
expires: Fri, 23 Dec 2022 11:53:55 GMT
date: Thu, 24 Nov 2022 01:44:36 GMT
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 1d79426653c3b55939eaec59a2ce8ef5
c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73267
date: Thu, 24 Nov 2022 01:44:36 GMT
access-control-allow-origin: *
etag: "637b3777-11e33"
expires: Thu, 24 Nov 2022 02:44:36 GMT
last-modified: Mon, 21 Nov 2022 11:31:51 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cpm.foremedia.net/win?i=qjLvHfFckvw_0&f=imp
200 OK 42 B URL HTTP/1.1 cpm.foremedia.net/win?i=qjLvHfFckvw_0&f=imp
IP
ASN #36057 WEBAIR-INTERNET-MTL
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /win?i=qjLvHfFckvw_0&f=imp HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 01:44:36 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash db1f6ed5e9f8deb32af1db77893b76e7
1bbcc9d84d4e5fa487fcb28aefaa03b5fc7cdbda
f8211546d80e93e50dec5d7ec88cf13177633fb3d30cce8e05219d2d245b6564
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88841
Date: Thu, 24 Nov 2022 01:44:36 GMT
Etag: "637d848d-1d7"
Expires: Fri, 25 Nov 2022 02:25:17 GMT
Last-Modified: Wed, 23 Nov 2022 02:25:17 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8p9KhXdd2_2aeJYYpUBWQHsMzF2PH6FOogdxFSRjoOXWGKw_08t5Ww==
www.slashgear.com/img/gallery/2023-porsche-911-carrera-t-first-drive-a-tribute-to-base-brilliance/l-intro-1669236260.jpg
200 OK 690 kB URL HTTP/2 www.slashgear.com/img/gallery/2023-porsche-911-carrera-t-first-drive-a-tribute-to-base-brilliance/l-intro-1669236260.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=10, manufacturer=Apple, model=iPhone 14 Pro, orientation=upper-left, xresolution=154, yresolution=162, resolutionunit=2, software=16.0.2, datetime=2022:11:23 15:26:42, GPS-Data], baseline, precision 8, 1600x897, components 3\012- data
Size 690 kB (689546 bytes)
Hash 8938a13d27625aec6acef6c0c92da579
504bbea66e7bc9f2f55279c9cb53796174ae1245
3968bae2ad8439b0013621d1d732336ff783c2747dc2e3993deecb9522bb62dc
GET /img/gallery/2023-porsche-911-carrera-t-first-drive-a-tribute-to-base-brilliance/l-intro-1669236260.jpg HTTP/1.1
Host: www.slashgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 689546
date: Wed, 23 Nov 2022 23:12:13 GMT
last-modified: Wed, 23 Nov 2022 20:44:23 GMT
etag: "8938a13d27625aec6acef6c0c92da579"
cache-control: max-age=31104000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ydrLbT0mMrSKw1TsWkK4HlsoHJPnjRfSwR8tGmNgmW6jVi1uyqL6MQ==
age: 9144
X-Firefox-Spdy: h2
cpm.foremedia.net/win?i=CDheFQaUDj0_0&f=imp
200 OK 42 B URL HTTP/1.1 cpm.foremedia.net/win?i=CDheFQaUDj0_0&f=imp
IP
ASN #36057 WEBAIR-INTERNET-MTL
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /win?i=CDheFQaUDj0_0&f=imp HTTP/1.1
Host: cpm.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 01:44:36 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
cdn.apartmenttherapy.info/image/upload/f_auto,q_auto:eco,c_fill,g_auto,w_1500,ar_3:2/at/home-projects/2022-10/Sam_Mogelonsky_dining_room/SamMogelonsky_113874930_IMG6457
200 OK 99 kB URL HTTP/2 cdn.apartmenttherapy.info/image/upload/f_auto,q_auto:eco,c_fill,g_auto,w_1500,ar_3:2/at/home-projects/2022-10/Sam_Mogelonsky_dining_room/SamMogelonsky_113874930_IMG6457
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1500x1000, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f643d2ed840f740f8482ff98dfb4ea63
c274f7eac0185598919d2fbeb9408161539a6a06
2aa7fe87bde6d2b1a5a0ba9af2b64087252a5e29e2144c7004764f193dfb20ca
GET /image/upload/f_auto,q_auto:eco,c_fill,g_auto,w_1500,ar_3:2/at/home-projects/2022-10/Sam_Mogelonsky_dining_room/SamMogelonsky_113874930_IMG6457 HTTP/1.1
Host: cdn.apartmenttherapy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="SamMogelonsky_113874930_IMG6457.webp"
content-type: image/webp
etag: "f643d2ed840f740f8482ff98dfb4ea63"
last-modified: Wed, 23 Nov 2022 23:25:47 GMT
content-length: 98992
date: Thu, 24 Nov 2022 01:44:36 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent
x-content-type-options: nosniff
server-timing: akam;dur=210;cpu=40;start=2022-11-24T01:44:36.162Z;desc=miss,rtt;dur=2,cloudinary;dur=81;start=2022-11-24T01:44:36.230Z
X-Firefox-Spdy: h2
mc.yandex.ru/watch/91144940/1
200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/91144940/1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/91144940/1 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://natsegal.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 24 Nov 2022 01:44:36 GMT
pragma: no-cache
expires: Thu, 24-Nov-2022 01:44:36 GMT
x-xss-protection: 1; mode=block
last-modified: Thu, 24-Nov-2022 01:44:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 24 Nov 2022 01:44:36 GMT
access-control-allow-origin: *
etag: "637b3777-2b"
expires: Thu, 24 Nov 2022 02:44:36 GMT
accept-ranges: bytes
last-modified: Mon, 21 Nov 2022 11:31:51 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/91144940?wmode=7&page-url=https%3A%2F%2Fnatsegal.com%2Fexclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A2448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A480753389836%3Ahid%3A147634999%3Az%3A0%3Ai%3A20221124014436%3Aet%3A1669254276%3Ac%3A1%3Arn%3A1033266017%3Arqn%3A1%3Au%3A1669254276293561550%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C233%2C1144%2C0%2C310%2C0%2C%2C834%2C23%2C%2C%2C%2C2562%3Ans%3A1669254270021%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669254276%3At%3AExclusive%3A%20Dominican%20Republic%20expelled%20hundreds%20of%20children%20to%20Haiti%20without%20their%20families%20this%20year%20%7C%20CNN%20Smore%20Newsletter&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
302 Found 407 B URL HTTP/2 mc.yandex.ru/watch/91144940?wmode=7&page-url=https%3A%2F%2Fnatsegal.com%2Fexclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A2448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A480753389836%3Ahid%3A147634999%3Az%3A0%3Ai%3A20221124014436%3Aet%3A1669254276%3Ac%3A1%3Arn%3A1033266017%3Arqn%3A1%3Au%3A1669254276293561550%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C233%2C1144%2C0%2C310%2C0%2C%2C834%2C23%2C%2C%2C%2C2562%3Ans%3A1669254270021%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669254276%3At%3AExclusive%3A%20Dominican%20Republic%20expelled%20hundreds%20of%20children%20to%20Haiti%20without%20their%20families%20this%20year%20%7C%20CNN%20Smore%20Newsletter&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 1bc5174e051013ed921e56f6579ca7c4
33a070b8568b15859b53dd13266239fdb6106101
bddceda9bc3c199334868922b65161ada296d9250c2838cfbab248a16443b2c1
GET /watch/91144940?wmode=7&page-url=https%3A%2F%2Fnatsegal.com%2Fexclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A2448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A480753389836%3Ahid%3A147634999%3Az%3A0%3Ai%3A20221124014436%3Aet%3A1669254276%3Ac%3A1%3Arn%3A1033266017%3Arqn%3A1%3Au%3A1669254276293561550%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C233%2C1144%2C0%2C310%2C0%2C%2C834%2C23%2C%2C%2C%2C2562%3Ans%3A1669254270021%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669254276%3At%3AExclusive%3A%20Dominican%20Republic%20expelled%20hundreds%20of%20children%20to%20Haiti%20without%20their%20families%20this%20year%20%7C%20CNN%20Smore%20Newsletter&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/91144940/1?wmode=7&page-url=https%3A%2F%2Fnatsegal.com%2Fexclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A2448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A480753389836%3Ahid%3A147634999%3Az%3A0%3Ai%3A20221124014436%3Aet%3A1669254276%3Ac%3A1%3Arn%3A1033266017%3Arqn%3A1%3Au%3A1669254276293561550%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C233%2C1144%2C0%2C310%2C0%2C%2C834%2C23%2C%2C%2C%2C2562%3Ans%3A1669254270021%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669254276%3At%3AExclusive%3A%20Dominican%20Republic%20expelled%20hundreds%20of%20children%20to%20Haiti%20without%20their%20families%20this%20year%20%7C%20CNN%20Smore%20Newsletter&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 24 Nov 2022 01:44:36 GMT
access-control-allow-origin: https://natsegal.com
set-cookie: yandexuid=6412736681669254276; Expires=Fri, 24-Nov-2023 01:44:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=6412736681669254276; Expires=Fri, 24-Nov-2023 01:44:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=227869131669254276; Path=/; SameSite=None; Secure
i=2guD4P37sNWZ+6uXRvxDDEuBDb5C7V60ib5lTWPTimhgpJJt/Hu7nBxaRUrdWiWv7OVK8Dm8SmWvdgtP2t0GWkI9xCg=; Expires=Sun, 21-Nov-2032 01:44:33 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1700790276.yc.1669254276#1700790276.yrts.1669254276#1700790276.yrtsi.1669254276; Expires=Fri, 24-Nov-2023 01:44:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 24-Nov-2022 01:44:36 GMT
last-modified: Thu, 24-Nov-2022 01:44:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 179ae4a91313347547a0bced0cee2454
3a39109143c7f3b77a39636350a193975d45007f
b91cdbc22c404cdcf1461fdb2443792e55ed38ba51f68d4a4b4b41ae8b1d2f35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=148561
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:36 GMT
Etag: "637e6dd5-117"
Expires: Fri, 25 Nov 2022 19:00:37 GMT
Last-Modified: Wed, 23 Nov 2022 19:00:37 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
200 OK 710 B IP
Hash b43064da355a4e014c004435f461cd62
8f26b381331d0d9fd8078b4fc7cb1321e1f8bce6
7ff2911c654675afc7fefbe1d29fd33f813be85f0edbc427f071b79a4ea730de
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=101776
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:36 GMT
Etag: "637db714-118"
Expires: Fri, 25 Nov 2022 06:00:52 GMT
Last-Modified: Wed, 23 Nov 2022 06:00:52 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
200 OK 710 B IP
Hash e381d07c7b0c7919d96b0338661e32ef
503995361e21e11e64a0a9f3fa7635166d67c526
08e7838bb07ce699bb30a6666ab69be22835acfbc7c6215d0c6bbdf61826b347
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106816
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:37 GMT
Etag: "637dcac5-118"
Expires: Fri, 25 Nov 2022 07:24:53 GMT
Last-Modified: Wed, 23 Nov 2022 07:24:53 GMT
Server: nginx
Content-Length: 280
healthydishes.net/wp-content/uploads/2020/10/XclrJPXVAT16036522991603652299.6539524.jpg
200 OK 80 kB URL HTTP/2 healthydishes.net/wp-content/uploads/2020/10/XclrJPXVAT16036522991603652299.6539524.jpg
IP
Hash a1f0f1c85da238590346efd7ed8dda95
34140cf8524e9cce6e793eeae852f7819f86145d
1b620cb5124c9b5776209375fc9c5d7953f0f7a7a8c23170b6dc6be1d197ec7f
GET /wp-content/uploads/2020/10/XclrJPXVAT16036522991603652299.6539524.jpg HTTP/1.1
Host: healthydishes.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foremedianative.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 01:44:37 GMT
content-type: image/jpeg
content-length: 78488
last-modified: Mon, 27 Jun 2022 14:03:36 GMT
etag: "13298-5e26e62d59e00"
cache-control: max-age=691200
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBACTsDkcf2iCT2f%2B77NsLLeuGp%2FaAtTdO0gk7I34ErumU97xiGaDKR9nl%2B1r3a4WuYOTIwuLLhuGlu2rqrDL5y4rDeb%2FJ4xdyq2PBMt9o%2FZLB%2Fn6goEX9x7ambOjdhk6v7KiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ee75def882b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
investtips.net/wp-content/uploads/2020/01/pexels-photo-159888.jpeg
404 Not Found 489 B URL HTTP/2 investtips.net/wp-content/uploads/2020/01/pexels-photo-159888.jpeg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ca4afd3ab9c68aa6fe1eedc6f4489fc2
514342cd7d0b00d7deeb43249d4360c63f5ee7fc
eb0eebcb51d5ad81be704be2183087263cf98090b408a89c6a995d7f6a4b4299
GET /wp-content/uploads/2020/01/pexels-photo-159888.jpeg HTTP/1.1
Host: investtips.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foremedianative.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 24 Nov 2022 01:44:37 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFfKZ4SVf%2FcNccFTDY5HnwcV2eYRrf%2B3FwRgtvMBQlHYGqwm6oDOC47%2BH8DstxAH64S20TZ7kriv6nYqigT0O8zJqL%2BAvLPI2Iwhfem6aXoiCJo6Uh2gvp7ZM6ky3Hk2fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ee75dfa860fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 179ae4a91313347547a0bced0cee2454
3a39109143c7f3b77a39636350a193975d45007f
b91cdbc22c404cdcf1461fdb2443792e55ed38ba51f68d4a4b4b41ae8b1d2f35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=148560
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:37 GMT
Etag: "637e6dd5-117"
Expires: Fri, 25 Nov 2022 19:00:37 GMT
Last-Modified: Wed, 23 Nov 2022 19:00:37 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
200 OK 280 B IP
Hash 4daa80b97fb0ff946b0c1640203f68c8
c978bb3f8121a4a6caba24ee64f9ab6be1e952c7
b9659436f22a3ae70ffc3a377c5d66156fefd219c7a44cd1a56f938201580033
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=106816
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:37 GMT
Etag: "637dcac5-118"
Expires: Fri, 25 Nov 2022 07:24:53 GMT
Last-Modified: Wed, 23 Nov 2022 07:24:53 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280
runamarathon.net/wp-content/uploads/2019/07/tomasz-wozniak-V62UrdknDCA-unsplash-scaled.jpg
200 OK 202 kB URL HTTP/2 runamarathon.net/wp-content/uploads/2019/07/tomasz-wozniak-V62UrdknDCA-unsplash-scaled.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1440, components 3\012- data
Size 202 kB (201613 bytes)
Hash 19e1297aad03f1b93c4b9680e43e3fd1
04d445a1e200ac0e809e5811994f3ed4e5746d2f
8a358a21103eaf56bce6c3e8b650220c8744bcaf38b857c968f2b7c289bf0ece
GET /wp-content/uploads/2019/07/tomasz-wozniak-V62UrdknDCA-unsplash-scaled.jpg HTTP/1.1
Host: runamarathon.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foremedianative.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 01:44:37 GMT
content-type: image/jpeg
content-length: 201613
last-modified: Mon, 27 Jun 2022 13:52:34 GMT
etag: "3138d-5e26e3b604c80"
cache-control: max-age=691200
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sYpwc5OfVcKHiDbqe%2FiMg%2FsqgcReTOwUTZR8NjDbEEvdC%2FgkInO4Xg8WezFlMa0MArdFRQfTWCTSCd%2Bdp0C%2Bxl%2B57DJOErdbTNjUCq%2BNI9xQelFQXz3%2F4ZanioVljyaNFji"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ee75e07a9b0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
IP
File type JSON data\012- , ASCII text, with very long lines (14626), with no line terminators
Hash f5a8ec7497e295e7a32d951b4c2efcfc
d586a41aa166d035b5bfdac0322451ef19d70342
f265089658af009285aa2c5ad00ff26668900cf93ed3e66afc926960eb42a454
GET /getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 24 Nov 2022 01:44:37 GMT
server: cafe
content-length: 11038
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ad551ace7091b0bcbb73a9f0b0758b00
6f66566bd59661ddbe2cb8d84c2f54fc88d80f20
285174281781fecaca35ea75d2460b2585335b0ecf15f80b15575041bf385894
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 24 Nov 2022 01:44:38 GMT
expires: Thu, 24 Nov 2022 01:44:38 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:44:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 83fbc112daa891a0b425b2c16b055461
efceed2659e7b0a97388a149f8389b357d9c988e
0ee96369c127a8e02c6100a131d17d39344fb20d3806d7a7385bf2243ec8c084
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 24 Nov 2022 01:44:38 GMT
date: Thu, 24 Nov 2022 01:44:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-i9wWj4067JeQR5NJS30uDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28381329eca6c426a8b05fcdef4aafcc
a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a
4fc8414d39bbaacb1e6575924bd0bbb9373d78b177022f7d3c6457829abffd06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8748
x-amzn-requestid: 864da50a-44bb-4d20-b499-08c2a140871e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtENmoAMFqKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-2705cc956f2c2aa5535533b0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xT0IorkRpXysoYMnugcrV40YaAxoRPjLmkPcv1ElteP_-rNZ1c6fog==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:48:57 GMT
age: 14142
etag: "a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/91144940?wv-check=47707&wv-type=0&wmode=0&wv-part=1&wv-hit=147634999&page-url=https%3A%2F%2Fnatsegal.com%2Fexclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn%2F&rn=765471310&browser-info=gdpr%3A14%3Aet%3A1669254279%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221124014439%3Au%3A1669254276293561550%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669254279&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/91144940?wv-check=47707&wv-type=0&wmode=0&wv-part=1&wv-hit=147634999&page-url=https%3A%2F%2Fnatsegal.com%2Fexclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn%2F&rn=765471310&browser-info=gdpr%3A14%3Aet%3A1669254279%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221124014439%3Au%3A1669254276293561550%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669254279&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/91144940?wv-check=47707&wv-type=0&wmode=0&wv-part=1&wv-hit=147634999&page-url=https%3A%2F%2Fnatsegal.com%2Fexclusive-dominican-republic-expelled-hundreds-of-children-to-haiti-without-their-families-this-year-cnn%2F&rn=765471310&browser-info=gdpr%3A14%3Aet%3A1669254279%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221124014439%3Au%3A1669254276293561550%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Awe%3A1%3Ast%3A1669254279&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: https://natsegal.com
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 24 Nov 2022 01:44:39 GMT
access-control-allow-origin: https://natsegal.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 24-Nov-2022 01:44:39 GMT
last-modified: Thu, 24-Nov-2022 01:44:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20220105
200 OK 0 B URL HTTP/2 s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20220105
IP
GET /_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20220105 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.wp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 05 Jan 2022 12:39:57 GMT
etag: W/"61d5919d-142fa"
content-encoding: br
expires: Thu, 05 Jan 2023 13:04:48 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
public-api.wordpress.com/wp-admin/rest-proxy/
200 OK 0 B URL HTTP/2 public-api.wordpress.com/wp-admin/rest-proxy/
IP
GET /wp-admin/rest-proxy/ HTTP/1.1
Host: public-api.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.wp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:33 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
set-cookie: wp_api=%20; expires=Wed, 24-Nov-2021 01:44:32 GMT; Max-Age=0; path=/wp-admin/rest-proxy/; domain=public-api.wordpress.com; secure; SameSite=None
wp_api_sec=%20; expires=Wed, 24-Nov-2021 01:44:32 GMT; Max-Age=0; path=/; domain=public-api.wordpress.com; secure; HttpOnly; SameSite=None
content-encoding: br
x-ac: 2.arn _dca BYPASS
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
platform.foremedia.net/code/29173/c1
200 OK 0 B URL HTTP/2 platform.foremedia.net/code/29173/c1
IP
GET /code/29173/c1 HTTP/1.1
Host: platform.foremedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 01:44:33 GMT
content-type: text/html; charset=UTF-8
set-cookie: DO-LB="MTAuMTM2LjAuNTo0NDM="; Max-Age=300; Path=/; HttpOnly; SameSite=Lax
cache-control: private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUMC01KyytPlu%2FT3XoJ5uRuto4KISSRcyqrpmvKfQKkxDd93FM9QfTbV2Q3oFIsfc5nE5AYQpsmpQo%2FJsPsnUkHR7ObltxEpTDPH6Ne1Jj3ua%2B9gyFwX48aBbI9MxivOClZdH3WrGXLf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ee75c5efd7b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/css/dist/block-library/style.min.css
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/css/dist/block-library/style.min.css
IP
GET /c/6.0.3/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 01:44:32 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
GET /c/6.0.3/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 01:44:32 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
GET /c/6.0.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 01:44:32 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.wp.com/likes/master.html?ver=202247
200 OK 0 B URL HTTP/2 widgets.wp.com/likes/master.html?ver=202247
IP
GET /likes/master.html?ver=202247 HTTP/1.1
Host: widgets.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: text/html
last-modified: Wed, 05 Jan 2022 13:04:34 GMT
vary: Accept-Encoding
etag: W/"61d59762-ae1"
content-encoding: br
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
images.cointelegraph.com/images/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMTEvNmFiNTdkOGItMzE1Mi00MmFkLTk4YjctMmMzNTk0NTQ1Y2E5LmpwZw==.jpg
200 OK 0 B URL HTTP/2 images.cointelegraph.com/images/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMTEvNmFiNTdkOGItMzE1Mi00MmFkLTk4YjctMmMzNTk0NTQ1Y2E5LmpwZw==.jpg
IP
GET /images/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMTEvNmFiNTdkOGItMzE1Mi00MmFkLTk4YjctMmMzNTk0NTQ1Y2E5LmpwZw==.jpg HTTP/1.1
Host: images.cointelegraph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 01:44:36 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=287786, status=webp_bigger
content-disposition: inline; filename="7261a000aa6905224d1155537c539b7a"
expires: Fri, 24 Nov 2023 01:44:36 GMT
pragma: public
vary: Accept-Encoding
x-node: ds25
last-modified: Wed, 23 Nov 2022 22:44:32 GMT
cf-cache-status: HIT
age: 10442
set-cookie: __cf_bm=ywezsRhca7v7AAWEVH2TOUAFLide4vdYuPeavomLtNg-1669254276-0-ARf5tOBM0rQSgV61Mlx6X85jF50UwewVpDlsNtOngs8uVgDluYICcEbIvsdH/LXANMTSfxtiiagLVl2qYnQdBhU=; path=/; expires=Thu, 24-Nov-22 02:14:36 GMT; domain=.cointelegraph.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 76ee75da2c61b4f1-OSL
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/_inc/social-logos/social-logos.min.css
200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/_inc/social-logos/social-logos.min.css
IP
GET /p/jetpack/11.5.1/_inc/social-logos/social-logos.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 01:44:32 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
stats.wp.com/e-202247.js
200 OK 0 B IP
GET /e-202247.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 13 Nov 2023 09:17:34 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery.min.js
IP
GET /c/6.0.3/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 01:44:32 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
IP
GET /p/jetpack/11.5.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:44:32 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 25 Oct 2022 13:51:34 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 01:44:32 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
mc.yandex.ru/watch/91144940
302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/91144940
IP
GET /watch/91144940 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://natsegal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/91144940/1
date: Thu, 24 Nov 2022 01:44:36 GMT
set-cookie: yandexuid=3731446291669254276; Expires=Fri, 24-Nov-2023 01:44:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3731446291669254276; Expires=Fri, 24-Nov-2023 01:44:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=67268731669254276; Path=/; SameSite=None; Secure
i=jQnMGBUFA5r9E6TCeU8Pmd25ip5VCdckOpB2iBtqotalyeRse35CnpMLra15jFs8aDtxXY4nuIoKmzGa+s4JvD7Q0do=; Expires=Sun, 21-Nov-2032 01:44:30 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1700790276.yc.1669254276#1700790276.yrts.1669254276#1700790276.yrtsi.1669254276; Expires=Fri, 24-Nov-2023 01:44:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 24-Nov-2022 01:44:36 GMT
last-modified: Thu, 24-Nov-2022 01:44:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
185.28.21.131
23.36.77.32
93.184.220.29
216.58.207.195
104.18.20.226
87.250.251.119
151.101.87.5