r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3372
Expires: Fri, 03 Feb 2023 08:46:47 GMT
Date: Fri, 03 Feb 2023 07:50:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14292
Expires: Fri, 03 Feb 2023 11:48:47 GMT
Date: Fri, 03 Feb 2023 07:50:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 07:43:34 GMT
content-type: application/json
age: 421
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16578
Expires: Fri, 03 Feb 2023 12:26:53 GMT
Date: Fri, 03 Feb 2023 07:50:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sJs4tp5U9oU2VTZWcSYNf+cNHw6+QiS0xLe0vzQs0Hc4nsV55HZvD6spABAl2fkFewdE7i33uEw=
x-amz-request-id: SWR0E6TA8T2558NJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 06:52:18 GMT
age: 3497
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
209.126.127.196301 Moved Permanently 338 B URL HTTP/1.1 hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 20f9b0e5a5e9adffac0c21985aa3a65a
cc46454d559cfdb886dfd07eaaa16b2536c451bc
54083ae5b55b9f91d30ec0d1ecde10a7654cb0838f2d515e06e88dd8cb8c8f76
Analyzer Verdict Alert fortinet Phishing
GET /CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 07:50:35 GMT
Server: Apache
Location: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Content-Length: 338
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 07:50:35 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 07:49:06 GMT
age: 89
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18867
Expires: Fri, 03 Feb 2023 13:05:02 GMT
Date: Fri, 03 Feb 2023 07:50:35 GMT
Connection: keep-alive
push.services.mozilla.com/
52.10.202.214101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.10.202.214:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iL9HV/jmVlYt8H5DakNdZA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PHPSCBXXrGhNuIjb+EkoPibttuk=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14620
Expires: Fri, 03 Feb 2023 11:54:16 GMT
Date: Fri, 03 Feb 2023 07:50:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14620
Expires: Fri, 03 Feb 2023 11:54:16 GMT
Date: Fri, 03 Feb 2023 07:50:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14620
Expires: Fri, 03 Feb 2023 11:54:16 GMT
Date: Fri, 03 Feb 2023 07:50:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14620
Expires: Fri, 03 Feb 2023 11:54:16 GMT
Date: Fri, 03 Feb 2023 07:50:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14620
Expires: Fri, 03 Feb 2023 11:54:16 GMT
Date: Fri, 03 Feb 2023 07:50:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02b3a6ce-4c58-4537-b381-4408c9d874e0.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02b3a6ce-4c58-4537-b381-4408c9d874e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6ea028ef77181355868bb36e11a7b88
158bbc1deaf9becfab7a022140881c7cdfa569ba
639d95e5e0d47333b64456d10fdf58a6b08fc0534bdbefd0fbf1f95a3114aae2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02b3a6ce-4c58-4537-b381-4408c9d874e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13256
x-amzn-requestid: 94897535-7110-4586-9ffe-7534c156b230
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpdsiFvmIAMFhhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0fe9-09d96dc02d459e3469edc87e;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:08:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ec39RoE09fzC07QZdbGy2XODD-Pv-iKcYES_wqhvuoO6eF7vMwGLVw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 05:58:16 GMT
etag: "158bbc1deaf9becfab7a022140881c7cdfa569ba"
content-type: image/jpeg
age: 6740
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:27:53 GMT
age: 33763
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 1350cdd1-10c2-44e0-993d-2335a082fb91
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fstgNH0moAMF3OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db5c67-02211c3d5ca147c718348860;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 06:47:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t7OYoLCzzQakW2lqiAUaeKA00Beq4J5elQ5qF7yGUb2L7JSNUJCPNA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 05:40:54 GMT
age: 7782
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmKLVHwroAMF72Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _VFg0FMYa1Dg55fLpJTwdX2uZXkYjZSFdbdAKqGQu7GF2dPiawKh1g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 05:59:16 GMT
age: 6680
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 703c7834618fd34f3d7ce5c82a51abc0
4bdaa7e9e8d6408b73ea457e7aabb26fa2a5c81c
1f467ce5825e3f8b8f841293d1ce945dc7a577abbe2cb8a2caa16ace165f4857
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3385
x-amzn-requestid: 30717e1a-7a08-4b11-90e7-cd175aa667d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzrEo4oAMF1qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce4-3bc1302b4cf47fa2520e3033;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AnMRlC-rgJLk6OwzHDFeaGBuDfEuRj_n0S2o1o7QSTZqMwCIr-20-A==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:35 GMT
age: 36241
etag: "4bdaa7e9e8d6408b73ea457e7aabb26fa2a5c81c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8458d532-a4e7-4e54-9165-f01ff92729f5.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8458d532-a4e7-4e54-9165-f01ff92729f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe87e986c62630127a7fdd979c802947
28ce91c8643c4bc4dcc4cd26dfc69dc6219ce5bf
770a765c927c0f81d0c41acd45a7a24f5799f9497fcc73489cab4fafbf994bdb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8458d532-a4e7-4e54-9165-f01ff92729f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5256
x-amzn-requestid: b0455eb8-b10c-4328-8abe-65c5184f6654
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frx7uFcooAMFpxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dafd17-553139816e1fb7b65e683dc6;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 00:00:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pwRBB72InX8OP4KXpQKTs9T4iMY0E3hPX8Nko9gd7m1BOm8_DqbRaA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:56 GMT
age: 36220
etag: "28ce91c8643c4bc4dcc4cd26dfc69dc6219ce5bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
209.126.127.196200 OK 7.8 kB URL HTTP/1.1 hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5572), with CRLF, LF line terminators
Hash c988ce78ebfabf6fde95b16a23137839
5a00f0a2720617ab3018d18b276fe131f16200c1
a631d3fd59134e9f5a346c5fdc4480ed6908228833c5495ffda35c6023b3212c
Analyzer Verdict Alert fortinet Phishing
GET /CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:35 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7765
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdnjs.cloudflare.com/ajax/libs/bootstrap-social/4.10.1/bootstrap-social.min.css
104.17.24.14200 OK 2.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap-social/4.10.1/bootstrap-social.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (21140), with no line terminators
Hash 84c2b5c30eb7ec1180741c6cbb5e1fb6
6509258498bd3c144f24dd1f6ec9e05e26c07c6c
f915d3f6439618fb21f9ba0613ece85ef78920b2b490556ba5f592b810f3159c
GET /ajax/libs/bootstrap-social/4.10.1/bootstrap-social.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 07:50:38 GMT
content-type: text/css; charset=utf-8
content-length: 1995
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-5294"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 18443365
expires: Wed, 24 Jan 2024 07:50:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SFYJOBfibL%2F4ZrARe5SGySEHJGE9y5YhvW4TbyNtxsPA6sCRQb5ybVCkjQCgxnzxqvkhQb12HY%2Fod9YF5YrgmfO0X0mJ3owrBeu%2B6KTBlpdZJJyMWJ7lCKrBwXCduB5wm1zT5PY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 793993abae2cb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 907398d5fb78588b0c610c0d649899e0
dfc0840362757a0f70c5cfc54b76c994912c39be
de8325abe2d1aef1555a0b54a5a4d73d05ef0e14600a0c91136510c46705de20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3149
Cache-Control: max-age=157860
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:38 GMT
Etag: "63dc7625-116"
Expires: Sun, 05 Feb 2023 03:41:38 GMT
Last-Modified: Fri, 03 Feb 2023 02:49:09 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 4cf0ccf2909be74efd7a89dbe4228ffb
b4993da334b48312584d116a3de4be4cd71962cf
e81c8aa45d0707079d9eba798fb447059042453be4834d14467839688ca66f5d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.7.5/css/bootstrap-select.min.css
104.17.24.14200 OK 1.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.7.5/css/bootstrap-select.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (5666), with CRLF line terminators
Hash 196a32fc5925a1a02166ee960d120cd6
dae8437c33ec9ccce511e534ba1eae8749069681
8af7e1c873755c9c259d416dcbcd1f4cdc8f8281971a0b02fc60a92c36a4b6bb
GET /ajax/libs/bootstrap-select/1.7.5/css/bootstrap-select.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 07:50:38 GMT
content-type: text/css; charset=utf-8
content-length: 1216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-16ff"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 12754187
expires: Wed, 24 Jan 2024 07:50:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvIHxjCCVFA7bk3HXiZxzHSyWUq7CtTX6azgwXmJtsT3971LD80KA4u5FdWbSCscz6IoUjdPbUdb%2Fgd4RSd7ETpei%2BtA9dUVsWl1DKyiGFhNGVdNVGtu%2FdV8lAqjIL9bI0aeLiF4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 793993abde59b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.7.5/js/bootstrap-select.min.js
104.17.24.14200 OK 7.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.7.5/js/bootstrap-select.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (30237), with CRLF, LF line terminators
Hash 834bea6a174121cdaa6ace138b96ddb6
6b1883de317e1cef69a600332acf0def786dd29f
61c53f23dd622b220ab9432eea41c46603b0cbad46adeb8ace7ae38e5d27d24f
GET /ajax/libs/bootstrap-select/1.7.5/js/bootstrap-select.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 07:50:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 7827
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-772b"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14123576
expires: Wed, 24 Jan 2024 07:50:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWC1vbW7SA1mD0gcAH65EpzaQ4mNFliS6XAG0bgqpwSaML3hCLJubKnvmiffWjIcxDtxRdMAL5o8Iif4864ynEWj%2FQjaMf3bxsa7sCak6vnvc1MwhPpsu3I8XAO7C%2F%2BP0VfFCdrX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 793993abde5eb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hatinco.com/js/notify/notify.js
209.126.127.196200 OK 9.0 kB URL HTTP/1.1 hatinco.com/js/notify/notify.js
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1497)
Hash ff2fcb306f6f2195a9a44b9d7ddbbdea
ad5dd4854d6295bbc9585b4b2d75488282b96808
85acc823843f626d15f0905335ea93a78e7610d33b978bb5f2f138a6f51178c7
Analyzer Verdict Alert fortinet Phishing
GET /js/notify/notify.js HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:38 GMT
Server: Apache
Last-Modified: Wed, 23 Mar 2022 10:22:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8950
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.google.com/recaptcha/api.js?render=6LemGtIZAAAAADCzMZN-ECpVmLllc8yue-51TgQ4
142.250.74.4200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LemGtIZAAAAADCzMZN-ECpVmLllc8yue-51TgQ4
IP 142.250.74.4:0
File type ASCII text, with very long lines (884), with no line terminators
Hash c12dad24aadb4644032868ed36370c06
d4eb075b5bb486b1db9935db5027d7b2a60dc491
a5899f4e6d2df8c4ef883df9e605737f850fc3fa521bcd9229a4628253ba03de
GET /recaptcha/api.js?render=6LemGtIZAAAAADCzMZN-ECpVmLllc8yue-51TgQ4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 03 Feb 2023 07:50:38 GMT
date: Fri, 03 Feb 2023 07:50:38 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
images.dmca.com/Badges/DMCABadgeHelper.min.js
151.139.128.10200 OK 395 B URL HTTP/2 images.dmca.com/Badges/DMCABadgeHelper.min.js
IP 151.139.128.10:0
Hash 365ad8f83802168e7326b29df6a22f4a
a096aa3c7e46525c7b7c54cb6b7987f01559b688
dafd787e6bf2c7ed10cb6c14f36ada4e5e9b7c15ffe7393cd6000acb946ebf13
GET /Badges/DMCABadgeHelper.min.js HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 07:50:38 GMT
content-encoding: gzip
content-length: 395
content-type: application/javascript
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
accept-ranges: bytes
server: Microsoft-IIS/10.0
cache-control: public,max-age=31536000
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1675410638.cds239.sk1.hn,1675410638.cds225.sk1.c
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 907398d5fb78588b0c610c0d649899e0
dfc0840362757a0f70c5cfc54b76c994912c39be
de8325abe2d1aef1555a0b54a5a4d73d05ef0e14600a0c91136510c46705de20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3149
Cache-Control: max-age=157860
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:38 GMT
Etag: "63dc7625-116"
Expires: Sun, 05 Feb 2023 03:41:38 GMT
Last-Modified: Fri, 03 Feb 2023 02:49:09 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 907398d5fb78588b0c610c0d649899e0
dfc0840362757a0f70c5cfc54b76c994912c39be
de8325abe2d1aef1555a0b54a5a4d73d05ef0e14600a0c91136510c46705de20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3149
Cache-Control: max-age=157860
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:38 GMT
Etag: "63dc7625-116"
Expires: Sun, 05 Feb 2023 03:41:38 GMT
Last-Modified: Fri, 03 Feb 2023 02:49:09 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
142.250.74.42200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32038)
Hash 103708790db3586027df27ded660f8ef
d3f58fbe6e02cb4b8b34c6fd510e011cb325bc70
fdba876856bb6c2783df94cacb0f17b53fe33f1907135539272c0127b4270ffe
GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:58:07 GMT
expires: Fri, 02 Feb 2024 00:58:07 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 111151
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 907398d5fb78588b0c610c0d649899e0
dfc0840362757a0f70c5cfc54b76c994912c39be
de8325abe2d1aef1555a0b54a5a4d73d05ef0e14600a0c91136510c46705de20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3149
Cache-Control: max-age=157860
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:38 GMT
Etag: "63dc7625-116"
Expires: Sun, 05 Feb 2023 03:41:38 GMT
Last-Modified: Fri, 03 Feb 2023 02:49:09 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
hatinco.com/css/main.css
209.126.127.196200 OK 3.3 kB IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type assembler source, ASCII text, with CRLF line terminators
Hash a876464ca5fb59a8baf9e31907101c74
893c310f49b232b5cbf13daf33ce92bb0abac5ff
99bf587aa820b5011f565e52aae33107921d479d11242e0137dc318abd213a90
GET /css/main.css HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:38 GMT
Server: Apache
Last-Modified: Tue, 07 Dec 2021 17:42:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3347
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-89646169-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-89646169-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 3f4191b54e5ed1c12045559475f69708
cd508348dc1b343b2c7a0ad4e053f61a0157d176
ebcc80f7beeb34425dbfdcb3bcf880ac032c9d8fbcf2f2cf387fadb8e77490a4
GET /gtag/js?id=UA-89646169-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 07:50:38 GMT
expires: Fri, 03 Feb 2023 07:50:38 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43877
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hatinco.com/css/blog/blog.css
209.126.127.196200 OK 697 B URL HTTP/1.1 hatinco.com/css/blog/blog.css
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash f153247201b1f5ca60316caa5c551d96
91464d02cc703784fd0e208ae34572eb61a4bcde
efbd373da821d0e9f8209b3e5984c96427d56f69e5b8c7b31c44143dc3c50959
GET /css/blog/blog.css HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:38 GMT
Server: Apache
Last-Modified: Wed, 16 Feb 2022 13:23:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 697
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
hatinco.com/js/API/senddata.js
209.126.127.196200 OK 261 B URL HTTP/1.1 hatinco.com/js/API/senddata.js
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash b109a5a6fe6ea54f5153646891fbb35a
2e9bd77f390bffaec079192df91bf4055f86d4b8
8ec304a5df1c0b9ed8c3f0cf446dc5d1dd73284760f7e93cf68a311f3833e295
Analyzer Verdict Alert fortinet Phishing
GET /js/API/senddata.js HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:38 GMT
Server: Apache
Last-Modified: Mon, 29 Jun 2020 20:55:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 261
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
hatinco.com/js/API/general_function.js
209.126.127.196200 OK 1.4 kB URL HTTP/1.1 hatinco.com/js/API/general_function.js
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 568fd90d4f4b5de99cc1335e652a9e82
f125d230d4d731336a587ae9cb324d6ceaec1c7a
763f00b398330c9e2d22cf2d38428ca3da7cfc602ec24227d70f436ab220253d
Analyzer Verdict Alert fortinet Phishing
GET /js/API/general_function.js HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:38 GMT
Server: Apache
Last-Modified: Mon, 29 Jun 2020 20:55:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1392
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
hatinco.com/css/footermain.css
209.126.127.196200 OK 1.6 kB URL HTTP/1.1 hatinco.com/css/footermain.css
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash a80843d3e65530298ea8becec9cc1dea
7853e63ff673a8b57729e66e8cd4f6238c756857
e1be26aa70b6223675cf4b42f14c12bb028221bb21697c07575acd693520a446
GET /css/footermain.css HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:38 GMT
Server: Apache
Last-Modified: Sun, 30 Jan 2022 17:24:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1591
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hatinco.com/css/modals/loading.css
209.126.127.196200 OK 394 B URL HTTP/1.1 hatinco.com/css/modals/loading.css
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 318ef95f5a052249202d4f78faac9f39
64a481823a40216647d24b2660261e47ce26e2cc
4d2a418775b8208fc1008fafd99af62837946c26e59485cef7a0687b1fa620f4
GET /css/modals/loading.css HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:38 GMT
Server: Apache
Last-Modified: Sun, 05 Dec 2021 15:57:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 394
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hatinco.com/css/headtop.css
209.126.127.196200 OK 668 B URL HTTP/1.1 hatinco.com/css/headtop.css
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 04b321d3362808eebab0bad32002a661
7bec587a8f24854a9efa527c0cae71c37ab3cb29
f4a825d15a47751755efa87489c85def89779690d34bf438bdad1207474d27c4
GET /css/headtop.css HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:38 GMT
Server: Apache
Last-Modified: Tue, 23 Nov 2021 12:05:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 668
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hatinco.com/js/modules/packages/module_order.js
209.126.127.196200 OK 478 B URL HTTP/1.1 hatinco.com/js/modules/packages/module_order.js
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash f05cc96dc64a72eaa5f8df6d0eecd560
d12b03bda891326737175cb6d289aa9a3e2df18c
2b10428d80c0a687b78dc5b005a9b6e42ec8cf7dd03f39aa3e4371867930893d
Analyzer Verdict Alert fortinet Phishing
GET /js/modules/packages/module_order.js HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:38 GMT
Server: Apache
Last-Modified: Mon, 12 Dec 2022 10:28:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 478
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900&display=swap
142.250.74.138200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900&display=swap
IP 142.250.74.138:0
Hash 60a2be590eb3da6c2b208102e8db8b62
08299470940c8e1c3946caee3f387a9922cffb4c
8cafc4b5085577e7fcd621206621df52e98dca15eff2d5ca3684770edcca3145
GET /css?family=Montserrat:100,200,300,400,500,600,700,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 07:50:38 GMT
date: Fri, 03 Feb 2023 07:50:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hatinco.com/js/modules/packages/create_order.js
209.126.127.196200 OK 1.0 kB URL HTTP/1.1 hatinco.com/js/modules/packages/create_order.js
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 147e41f317bd91d285174d7e9f7ffad6
93f8d71ab05eb544719ea9ff00554b7ef98eb1f2
3e2022c5c5bc9bc2cd19194ae5ded7a5fae04447cb24da670617523059e82e57
Analyzer Verdict Alert fortinet Phishing
GET /js/modules/packages/create_order.js HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:38 GMT
Server: Apache
Last-Modified: Fri, 06 Jan 2023 08:04:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1030
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
hatinco.com/js/index.js
209.126.127.196200 OK 1.0 kB IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 0e6b59d2631710cd9b632376db513d7e
ad7d417bb72542f8046db7ffa41273d7678dc87f
080afe16d9bb84cc21498ee6dd6b4ecf008ee97189f87c734a80a070f89c8076
Analyzer Verdict Alert fortinet Phishing
GET /js/index.js HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:38 GMT
Server: Apache
Last-Modified: Sun, 20 Nov 2022 10:17:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1004
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
hatinco.com/js/change_currency.js
209.126.127.196200 OK 243 B URL HTTP/1.1 hatinco.com/js/change_currency.js
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash cadae594a01e887d5c5df7eeabcfaacb
714346d934e5a3d41307e7d2a89e90456835bc24
f6b2a62f9755731cf902320fcd01bffab7d0638008c7a24f92bba8d0d48317c9
Analyzer Verdict Alert fortinet Phishing
GET /js/change_currency.js HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:39 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 12:13:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 243
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hatinco.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 17:46:05 GMT
expires: Thu, 01 Feb 2024 17:46:05 GMT
cache-control: public, max-age=31536000
age: 137074
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hatinco.com/images/currency/european-union.png
209.126.127.196200 OK 524 B URL HTTP/1.1 hatinco.com/images/currency/european-union.png
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type PNG image data, 38 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash a9af907625b2d3a19064d761433b60dc
e989fffd04852b78eae089594c3a3e8efbbc66c6
1a10f463f58cca2eef2db4c9958df426c1b23c8a72ebfabafbd0557358a08cde
GET /images/currency/european-union.png HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:39 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 11:37:56 GMT
Accept-Ranges: bytes
Content-Length: 524
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
hatinco.com/images/logo2.png
209.126.127.196200 OK 5.7 kB URL HTTP/1.1 hatinco.com/images/logo2.png
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type PNG image data, 154 x 92, 8-bit/color RGBA, non-interlaced\012- data
Hash 5dd9c23f5e5b5ff2b54609357ed54e90
3f5f20b35593718ea4e4016dd4937b5d156499dc
fdceb707bebc4cf659476f95c06a0f09c033c8db05458a43cd089bce9520a291
GET /images/logo2.png HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:39 GMT
Server: Apache
Last-Modified: Mon, 06 Jul 2020 06:13:56 GMT
Accept-Ranges: bytes
Content-Length: 5671
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash f70b4947b19bd3fa059e2537f6992310
00db7e5e511744bd041bf1119f91c1f0c08beb03
337ba94ca2dbeca65ba7ca7220177a4474bf4296c3298e3779d04e046f8e567f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3039
Cache-Control: max-age=116692
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:39 GMT
Etag: "63dbd5c4-116"
Expires: Sat, 04 Feb 2023 16:15:31 GMT
Last-Modified: Thu, 02 Feb 2023 15:24:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
hatinco.com/images/footerimages/png-1.png
209.126.127.196200 OK 2.3 kB URL HTTP/1.1 hatinco.com/images/footerimages/png-1.png
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash a8ed3dd1aa620f59cd59af025489c582
a71eb8863e7c2f5778c64cb904a4b1df796c8f69
80f0756c8b369c5a3dfdfa4140be3fd19ddb8cfa73bd0c682ee5ce9b0b16ff59
GET /images/footerimages/png-1.png HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:39 GMT
Server: Apache
Last-Modified: Mon, 16 Nov 2020 04:17:38 GMT
Accept-Ranges: bytes
Content-Length: 2300
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
hatinco.com/images/footerimages/png-4.png
209.126.127.196200 OK 4.6 kB URL HTTP/1.1 hatinco.com/images/footerimages/png-4.png
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e9c9dd9e9efb494311113d09ed513f7
d83619b428c6a12de6620972e674b0cfefb84d0f
4f4f10c71c513c21309df855f4c6fc01ac74936f781cafe98910677aa66fd87e
GET /images/footerimages/png-4.png HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:39 GMT
Server: Apache
Last-Modified: Mon, 16 Nov 2020 04:17:38 GMT
Accept-Ranges: bytes
Content-Length: 4562
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
hatinco.com/images/footerimages/png-2.png
209.126.127.196200 OK 1.3 kB URL HTTP/1.1 hatinco.com/images/footerimages/png-2.png
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash c56868601e08e0c79f3ea5f3a9a503e1
6e7c52dd0564131623bfbcb2b6e781921e61b50e
5035a2ffbecf1a92869d1f43a1e6abbe47f8231807349d693556a20f253c69d7
GET /images/footerimages/png-2.png HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:39 GMT
Server: Apache
Last-Modified: Mon, 16 Nov 2020 04:17:38 GMT
Accept-Ranges: bytes
Content-Length: 1326
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
hatinco.com/images/review-logo-2.png
209.126.127.196200 OK 5.5 kB URL HTTP/1.1 hatinco.com/images/review-logo-2.png
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f2c7fac85253266cf56a932d396e7e2
c3f2e81eb819f5ad0400a75cb01e0d5a5dd13150
96119ddeaae2bf82333adc5a7a054320f78eba5679fd5c96588190020d6df1bd
GET /images/review-logo-2.png HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:39 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 09:14:21 GMT
Accept-Ranges: bytes
Content-Length: 5527
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash f70b4947b19bd3fa059e2537f6992310
00db7e5e511744bd041bf1119f91c1f0c08beb03
337ba94ca2dbeca65ba7ca7220177a4474bf4296c3298e3779d04e046f8e567f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3039
Cache-Control: max-age=116692
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:39 GMT
Etag: "63dbd5c4-116"
Expires: Sat, 04 Feb 2023 16:15:31 GMT
Last-Modified: Thu, 02 Feb 2023 15:24:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
hatinco.com/images/footerimages/png-6.png
209.126.127.196200 OK 2.8 kB URL HTTP/1.1 hatinco.com/images/footerimages/png-6.png
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 17eb1d2c5a92022914f0f73092d5a631
b2a4ac29282eea021705a5260fc1089f2a201bc3
4efe7053d6b19abe889d8e88beb75e282f30876a46088f141bf86b20377fba14
GET /images/footerimages/png-6.png HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:39 GMT
Server: Apache
Last-Modified: Mon, 16 Nov 2020 04:17:39 GMT
Accept-Ranges: bytes
Content-Length: 2836
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
hatinco.com/images/Microsoft-Partner-logo.png
209.126.127.196200 OK 2.1 kB URL HTTP/1.1 hatinco.com/images/Microsoft-Partner-logo.png
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type PNG image data, 137 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 44b30153c908e0cd4fdb3e851ab1ff79
02990ba3d437ab5143dc7f2e59957ff6680fa270
6a6cb69328a72f938e1c326cbb34ac0b404c0ac81effa5862fe31bb91a14f72c
GET /images/Microsoft-Partner-logo.png HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:39 GMT
Server: Apache
Last-Modified: Fri, 11 Feb 2022 04:39:13 GMT
Accept-Ranges: bytes
Content-Length: 2092
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5c0415c82f662ba2bd77ec3a92b59a8d
8a57a728fac95c805dc25f63ae17eb99e42a34e0
000570228d4cb265b8d73a0f285356bfb6dca49bace0f536cde370fc702c6e30
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=101795
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:39 GMT
Etag: "63dba772-117"
Expires: Sat, 04 Feb 2023 12:07:14 GMT
Last-Modified: Thu, 02 Feb 2023 12:07:14 GMT
Server: nginx
Content-Length: 279
hatinco.com/images/currency/pkr.png
209.126.127.196200 OK 544 B URL HTTP/1.1 hatinco.com/images/currency/pkr.png
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type PNG image data, 38 x 24, 8-bit colormap, non-interlaced\012- data
Hash 9cf3ca4937c490a2d92db95d22efc918
effdcb857099ef333c587f1ab7a25167262a8ac4
740c945b38a4667b9aac8b365e48b24e62f8d4c288b5b9a85682f2c1eab0bff7
GET /images/currency/pkr.png HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:39 GMT
Server: Apache
Last-Modified: Tue, 23 Nov 2021 09:46:18 GMT
Accept-Ranges: bytes
Content-Length: 544
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
hatinco.com/images/currency/usd.png
209.126.127.196200 OK 946 B URL HTTP/1.1 hatinco.com/images/currency/usd.png
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type PNG image data, 38 x 24, 8-bit colormap, non-interlaced\012- data
Hash f88b26f78cd81f118b0958785a5a63c8
5a0052e889baad96c9d4fe20251f8e994048c785
75bc1049bad9288c1d05e464349aa1d28af6ff4fb3e7b56e01a5179f1a1d0c94
GET /images/currency/usd.png HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:39 GMT
Server: Apache
Last-Modified: Tue, 23 Nov 2021 09:46:13 GMT
Accept-Ranges: bytes
Content-Length: 946
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
hatinco.com/images/footerimages/footerlasteditbg.jpg
209.126.127.196200 OK 30 kB URL HTTP/1.1 hatinco.com/images/footerimages/footerlasteditbg.jpg
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 1924x297, components 3\012- data
Hash 64fa598770a9f3a506b3528a4ef74f61
edb30d1aa5c43f0b978b97a1836c2d91031114b1
c0c0393b55d477da50ff52111645b1708432099c4dcb9e8f68e89939412829cb
GET /images/footerimages/footerlasteditbg.jpg HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/css/footermain.css
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:39 GMT
Server: Apache
Last-Modified: Tue, 10 Nov 2020 06:06:06 GMT
Accept-Ranges: bytes
Content-Length: 29477
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/widgets.js
192.229.233.25200 OK 28 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 192.229.233.25:0
File type Unicode text, UTF-8 text, with very long lines (38752)
Hash 8aa708f5eebf10bd82e942dabf1623a5
326a6d469222302a80ecf29039e7837d8870ee47
fcfdc2930fdd7f4b3c7f0c1308ce2e89fcc5082ae6a0a1e16ecf0f7e417f1368
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 990
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:39 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27630
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 07:44:08 GMT
expires: Fri, 03 Feb 2023 09:44:08 GMT
cache-control: public, max-age=7200
age: 391
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39395), with no line terminators
Hash 4f378a725368a42971cd69e29f75db89
2a1cdf193b346d9281c6e04a9b3775e7fc1ae11e
6a2a9d238501343cb3f25e0f54f4ecc4ec2c4e0fa6b228cc72dc3fff90502078
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 75B0E97AC21A41EB82B0F7EBDAD50965 Ref B: OSL30EDGE0319 Ref C: 2023-02-03T07:50:39Z
date: Fri, 03 Feb 2023 07:50:38 GMT
X-Firefox-Spdy: h2
cse.google.com/cse.js?cx=71aec3c417d784661
142.250.74.174200 OK 3.0 kB URL HTTP/2 cse.google.com/cse.js?cx=71aec3c417d784661
IP 142.250.74.174:0
File type ASCII text, with very long lines (1247)
Hash 2b43d55eb507f4db86e8857339c30d8d
9610f385cc8dfdbe4d402b0ab0714dfafa082137
cd7f2ec39c8b873893d88ba9eb91abb8817e85ece4f45ce0ca38f5f13d15361f
GET /cse.js?cx=71aec3c417d784661 HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Fri, 03 Feb 2023 07:50:39 GMT
server: gws
content-length: 3022
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+830; expires=Sun, 02-Feb-2025 07:50:39 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Feb 2023 07:50:39 GMT
cache-control: private
X-Firefox-Spdy: h2
hatinco.com/images/favicon.ico
209.126.127.196200 OK 12 kB URL HTTP/1.1 hatinco.com/images/favicon.ico
IP 209.126.127.196:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Hash 2030ab9fc78c4c27c8fbdcfa946a3ca3
5ff90e4b111f761839443134734745fdfdd1077f
d71a210e04397286a6e0f9285e10be7f5c7f27c1a885641827c01ef8a56dd919
GET /images/favicon.ico HTTP/1.1
Host: hatinco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/CBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm
Cookie: PHPSESSID=a9916d8b3475d591ba6f2c21beda255c; _gcl_au=1.1.1929330018.1675410669
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 07:50:39 GMT
Server: Apache
Last-Modified: Mon, 22 Jun 2020 16:44:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12537
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/x-icon
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
142.250.74.99200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hatinco.com
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 17:44:05 GMT
expires: Thu, 01 Feb 2024 17:44:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 137194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9414574108715897
142.250.74.66200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9414574108715897
IP 142.250.74.66:0
File type ASCII text, with very long lines (4879)
Hash 307af7b86d107469354d8c88e8ff55f8
35e1cb14983f50b5dca55602fec05f5adc3200cf
5019ec8cc78d19a47f716d8025641672ce66e315c30b50a525a4cefce60aa8f8
GET /pagead/js/adsbygoogle.js?client=ca-pub-9414574108715897 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hatinco.com
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 03 Feb 2023 07:50:39 GMT
expires: Fri, 03 Feb 2023 07:50:39 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 12167305846011169957
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49798
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=522528612&t=pageview&_s=1&dl=https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm&ul=en-us&de=UTF-8&dt=What%20Shutterstock%27s%20AI%20Image%20Generator%20Means%20for%20Users%20-%20MUO%20-%20MakeUseOf&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1217304753&gjid=1473237040&cid=1476282868.1675410669&tid=UA-89646169-1&_gid=240369723.1675410669&_r=1&_slc=1&z=220678965
142.250.74.110200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=522528612&t=pageview&_s=1&dl=https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm&ul=en-us&de=UTF-8&dt=What%20Shutterstock%27s%20AI%20Image%20Generator%20Means%20for%20Users%20-%20MUO%20-%20MakeUseOf&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1217304753&gjid=1473237040&cid=1476282868.1675410669&tid=UA-89646169-1&_gid=240369723.1675410669&_r=1&_slc=1&z=220678965
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=522528612&t=pageview&_s=1&dl=https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm&ul=en-us&de=UTF-8&dt=What%20Shutterstock%27s%20AI%20Image%20Generator%20Means%20for%20Users%20-%20MUO%20-%20MakeUseOf&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1217304753&gjid=1473237040&cid=1476282868.1675410669&tid=UA-89646169-1&_gid=240369723.1675410669&_r=1&_slc=1&z=220678965 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hatinco.com
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://hatinco.com
date: Fri, 03 Feb 2023 07:50:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
142.250.74.34200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230201/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Fri, 03 Feb 2023 05:56:14 GMT
expires: Fri, 17 Feb 2023 05:56:14 GMT
cache-control: public, max-age=1209600
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
age: 6865
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.htmlcommentbox.com/jread?page=https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm&mod=%241%24wq1rdBcg%248zHXZtKoEIW1v91GvA%2FwO.&opts=16862&num=10&ts=1615119073229
172.67.70.143200 OK 112 kB URL HTTP/2 www.htmlcommentbox.com/jread?page=https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm&mod=%241%24wq1rdBcg%248zHXZtKoEIW1v91GvA%2FwO.&opts=16862&num=10&ts=1615119073229
IP 172.67.70.143:0
File type HTML document, ASCII text, with very long lines (22351), with no line terminators
Size 112 kB (112056 bytes)
Hash 08a1488fc18abe58057d955d733596be
be1591bfa4c64ced6775edf029ef374c2706d228
6d1f32b5431d66899e03645ad4d05a6b4183f9e1196dc3acd32f01bba859702a
GET /jread?page=https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm&mod=%241%24wq1rdBcg%248zHXZtKoEIW1v91GvA%2FwO.&opts=16862&num=10&ts=1615119073229 HTTP/1.1
Host: www.htmlcommentbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 07:50:39 GMT
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcSVv6nXMOBXatHofghnMzSonHhx%2FSooGKAAyobfMMOx9A8KZ302JtPkVaAR8UqRE2Y2DTF00jCGHJcTAMkExiJ7CZZ3NM5UnHpbmjNkftM%2Bvp6ay5x1uh3d9t2QRh0j6RoSvpEslBA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793993af2b9b0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 2fdd4a71f94f887227623bed4f75dcc6
ef9e6c5749f2702c61580fa3e038a16a8bfca94f
7c7d42a969377c086baef4a6f4f6792c7b4dd3c09714876f17fbb39cf6ca8c5e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5346
Cache-Control: max-age=168296
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:39 GMT
Etag: "63dc9655-13a"
Expires: Sun, 05 Feb 2023 06:35:35 GMT
Last-Modified: Fri, 03 Feb 2023 05:06:29 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash ead5df3e30e38bb1a739ababb3292302
b5986cff7222999bf19e360ced4a445a2202c82c
768a8260af372a1ca06f826c3a3f84b6bc4523130134b32998baf75b64d7de4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syndication.twitter.com/settings?session_id=7f330dad7651239b242f3909de7ac99f53afd0e1
104.244.42.8200 OK 326 B URL HTTP/2 syndication.twitter.com/settings?session_id=7f330dad7651239b242f3909de7ac99f53afd0e1
IP 104.244.42.8:0
File type JSON data\012- , ASCII text, with very long lines (919), with no line terminators
Hash 11f6a2d6bb52340b52d53f9cf72973e8
ea0c3e5d850a2659b3344d84957b691a6f7942b8
a0b2545f4adeaf91f7a23b95f43c682557bdfd1e59d2cf394d10a01f97c886ff
GET /settings?session_id=7f330dad7651239b242f3909de7ac99f53afd0e1 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 07:50:39 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Fri, 03 Feb 2023 07:50:39 GMT
content-length: 326
content-encoding: gzip
x-transaction-id: f04096311fe823a9
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 109
x-connection-hash: 500f61e0ac0b5cf8c262f06d87552a3f2ea8b8b445081729002ff6bcb5a0bd1a
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=hatinco.com&callback=_gfp_s_&client=ca-pub-9414574108715897
142.250.74.98200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=hatinco.com&callback=_gfp_s_&client=ca-pub-9414574108715897
IP 142.250.74.98:0
File type ASCII text, with very long lines (389), with no line terminators
Hash 3c52ce3dc751ed30bae58984117cfbd1
e2bd37ace264d69c477ba74fe1216dcaebf81204
84c91b46098382644e562aba34081991d6ec2d4f65e587f1213f3c6e7199d5f0
GET /gampad/cookie.js?domain=hatinco.com&callback=_gfp_s_&client=ca-pub-9414574108715897 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 03 Feb 2023 07:50:40 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=hatinco.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=hatinco.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=hatinco.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 03 Feb 2023 07:50:40 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=hatinco.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=hatinco.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=hatinco.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 03 Feb 2023 07:50:40 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash ead5df3e30e38bb1a739ababb3292302
b5986cff7222999bf19e360ced4a445a2202c82c
768a8260af372a1ca06f826c3a3f84b6bc4523130134b32998baf75b64d7de4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=137027167&tm=gtm002&Ver=2&mid=6b91fd00-fd13-474c-b602-8d72ecb68177&sid=85d7a4a0a39711edbb78294ecf2e6ad4&vid=85d7a4e0a39711edb61091a84fd3fd4c&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=What%20Shutterstock%27s%20AI%20Image%20Generator%20Means%20for%20Users%20-%20MUO%20-%20MakeUseOf&p=https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm&r=<=4046&evt=pageLoad&sv=1&rn=480328
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=137027167&tm=gtm002&Ver=2&mid=6b91fd00-fd13-474c-b602-8d72ecb68177&sid=85d7a4a0a39711edbb78294ecf2e6ad4&vid=85d7a4e0a39711edb61091a84fd3fd4c&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=What%20Shutterstock%27s%20AI%20Image%20Generator%20Means%20for%20Users%20-%20MUO%20-%20MakeUseOf&p=https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm&r=<=4046&evt=pageLoad&sv=1&rn=480328
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=137027167&tm=gtm002&Ver=2&mid=6b91fd00-fd13-474c-b602-8d72ecb68177&sid=85d7a4a0a39711edbb78294ecf2e6ad4&vid=85d7a4e0a39711edb61091a84fd3fd4c&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=What%20Shutterstock%27s%20AI%20Image%20Generator%20Means%20for%20Users%20-%20MUO%20-%20MakeUseOf&p=https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm&r=<=4046&evt=pageLoad&sv=1&rn=480328 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=26126DA9B68D613B23017F04B7DA6066; domain=.bing.com; expires=Wed, 28-Feb-2024 07:50:40 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D07CCCC73E6C4BF784B86813CECE0E10 Ref B: OSL30EDGE0319 Ref C: 2023-02-03T07:50:40Z
date: Fri, 03 Feb 2023 07:50:39 GMT
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-89646169-1&cid=1476282868.1675410669&jid=1522221112&gjid=1909927768&_gid=240369723.1675410669&_u=YEDAAUABAAAAACAAI~&z=994040755
173.194.222.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-89646169-1&cid=1476282868.1675410669&jid=1522221112&gjid=1909927768&_gid=240369723.1675410669&_u=YEDAAUABAAAAACAAI~&z=994040755
IP 173.194.222.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-89646169-1&cid=1476282868.1675410669&jid=1522221112&gjid=1909927768&_gid=240369723.1675410669&_u=YEDAAUABAAAAACAAI~&z=994040755 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hatinco.com
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://hatinco.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Feb 2023 07:50:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-89646169-1&cid=1476282868.1675410669&jid=1217304753&gjid=1473237040&_gid=240369723.1675410669&_u=IEBAAEAAAAAAACAAI~&z=1730836268
173.194.222.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-89646169-1&cid=1476282868.1675410669&jid=1217304753&gjid=1473237040&_gid=240369723.1675410669&_u=IEBAAEAAAAAAACAAI~&z=1730836268
IP 173.194.222.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-89646169-1&cid=1476282868.1675410669&jid=1217304753&gjid=1473237040&_gid=240369723.1675410669&_u=IEBAAEAAAAAAACAAI~&z=1730836268 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hatinco.com
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://hatinco.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Feb 2023 07:50:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 10:05:58 GMT
expires: Fri, 02 Feb 2024 10:05:58 GMT
cache-control: public, max-age=31536000
age: 78282
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 03:13:01 GMT
expires: Fri, 02 Feb 2024 03:13:01 GMT
cache-control: public, max-age=31536000
age: 103059
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/p/action/137027167.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/137027167.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/137027167.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 19D079073FCD4F85A9FB16E86BBB9E0F Ref B: OSL30EDGE0319 Ref C: 2023-02-03T07:50:40Z
date: Fri, 03 Feb 2023 07:50:39 GMT
X-Firefox-Spdy: h2
platform.twitter.com/js/timeline.16b53cc33aaa562f8f41a495bf720289.js
192.229.233.25200 OK 3.0 kB URL HTTP/1.1 platform.twitter.com/js/timeline.16b53cc33aaa562f8f41a495bf720289.js
IP 192.229.233.25:0
File type Unicode text, UTF-8 text, with very long lines (8260), with no line terminators
Hash 289f70783495bd412699d3080161a29c
c9c5efdabe8101011e0dc60cc8b653653d7daf1f
67be101c65d59fa643c74d21dadc929eef0b79421a1e5f4622dbb1c3284b4631
GET /js/timeline.16b53cc33aaa562f8f41a495bf720289.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 814044
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:40 GMT
Etag: "569768187d20181e1cdea6aa19f3a4b4+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2964
adservice.google.no/adsid/integrator.js?domain=hatinco.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=hatinco.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=hatinco.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 03 Feb 2023 07:50:40 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.htmlcommentbox.com/static/images/feed.svg
172.67.70.143200 OK 540 B URL HTTP/2 www.htmlcommentbox.com/static/images/feed.svg
IP 172.67.70.143:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (717)
Hash e5cce9c849fa7255b70ecff78f937180
985d5802477357b680eabb1b11f5d917558f880e
422cbb97f655acb6e8fd9634748ffa6aeacda8a376b0c4757a79993651d8231c
GET /static/images/feed.svg HTTP/1.1
Host: www.htmlcommentbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 07:50:39 GMT
content-type: image/svg+xml
last-modified: Mon, 01 Mar 2021 13:52:56 GMT
etag: W/"603cf1b8-4ef"
expires: Fri, 03 Mar 2023 22:34:33 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 119766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BxlmebCMH8YQ1vUCGXRUNfyYhKMhtMenJZ%2BLMuUhQMRFdKvb6AmsJb%2FG%2BcTqwgXM3WeqzmgZyrb5GT4VeCLroxAlYf%2BaO39suLwVmn0GFzjNbVlFccdYLm0mLQuLsV0Xqfz4eODU54%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793993b2cf1e0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=hatinco.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=hatinco.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=hatinco.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 03 Feb 2023 07:50:40 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
syndication.twitter.com/srv/timeline-profile/screen-name/HatProgrammers?creatorScreenName=HatProgrammers&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=1000px&origin=https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm&sessionId=7f330dad7651239b242f3909de7ac99f53afd0e1&showHeader=true&showReplies=false&siteScreenName=HatProgrammers&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
104.244.42.8200 OK 5.4 kB URL HTTP/2 syndication.twitter.com/srv/timeline-profile/screen-name/HatProgrammers?creatorScreenName=HatProgrammers&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=1000px&origin=https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm&sessionId=7f330dad7651239b242f3909de7ac99f53afd0e1&showHeader=true&showReplies=false&siteScreenName=HatProgrammers&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
IP 104.244.42.8:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65372), with no line terminators
Hash 274b85bfd6ceb349f6dfc570d3065a23
e120a94b71255057f2a5d93b0af97b408efd5691
37fd4d20412b56b10bc3b1b62b8ea3f5ac0993ca39d6717fb47cc4e41c585bdd
GET /srv/timeline-profile/screen-name/HatProgrammers?creatorScreenName=HatProgrammers&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=1000px&origin=https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm&sessionId=7f330dad7651239b242f3909de7ac99f53afd0e1&showHeader=true&showReplies=false&siteScreenName=HatProgrammers&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 07:50:40 GMT
etag: "101d1-8P8C5tLMWil8FFHYEdlzFFNZUE8"
perf: 7626143928
server: tsa_o
content-type: text/html; charset=utf-8
cache-control: must-revalidate, max-age=60
x-transaction-id: 91e871504875c8df
x-xss-protection: 0
strict-transport-security: max-age=631138519
content-encoding: gzip
content-length: 5423
x-response-time: 339
x-connection-hash: 500f61e0ac0b5cf8c262f06d87552a3f2ea8b8b445081729002ff6bcb5a0bd1a
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/runtime-bd6a33ee4b81c374d84a.js
192.229.233.25200 OK 2.2 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/runtime-bd6a33ee4b81c374d84a.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (4155), with no line terminators
Hash 48a927c41072f5796731387d71328bce
17ea7ef4f55d98a091d4f1d2951003ca69c75fc4
5ed9748db26cb54cc994c0ea96bc05aa96b5b8cc23cdfae6fc169743a729c1c3
GET /_next/static/chunks/runtime-bd6a33ee4b81c374d84a.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 117664
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:40 GMT
Etag: "3c59d8987afc673c8c0655b21a2e0858+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2234
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 832775a408c718892e82db29cfd714ee
4b05adbde482a9d0e8290326273c8cc52b051123
2e24e9ddbdb9326d57ee324b8b8280d7fb51266af3109226a95f866149090062
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js
192.229.233.25200 OK 97 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (56973)
Hash c90e8185989c2a28bc2e270d6a6aaf38
5001d06de00ccae6c64fbc5c9de43bdab21eb9e1
8da69e1b826ae39c764288e24e5c635a026d7c268685ee88cf9a13f5051ee522
GET /_next/static/chunks/modules.20f98d7498a59035a762.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 814046
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:40 GMT
Etag: "1c54378254eefb52fea75b3c31dfe51d+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:31 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F705)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 95842
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 832775a408c718892e82db29cfd714ee
4b05adbde482a9d0e8290326273c8cc52b051123
2e24e9ddbdb9326d57ee324b8b8280d7fb51266af3109226a95f866149090062
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 07:50:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js
142.250.74.161200 OK 9.0 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js
IP 142.250.74.161:0
File type ASCII text, with very long lines (1672)
Hash 9aa683d616d8b2d10fe0100d761df816
60f84308b40072edcc24b6fd54c68247786001aa
2e8549a4bc0e1f4a4eda2637f239105e780b2ae2879c9a241b1ffe7130386e0a
GET /pagead/js/r20230201/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8993
x-xss-protection: 0
date: Thu, 02 Feb 2023 19:49:13 GMT
expires: Thu, 16 Feb 2023 19:49:13 GMT
cache-control: public, max-age=1209600
age: 43287
etag: 12355142264901698679
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
142.250.74.161200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.161:0
File type ASCII text, with very long lines (1605)
Hash aeaebc4fec11dcafa566897f3b2aa937
7b4507c8793c1ce833dccaeb7dbc956c1fd06668
c23b4a16d9468c0018f502492594408fc809fc0fe003aed2f1145ba3dca87bae
GET /pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7647
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:43:53 GMT
expires: Thu, 16 Feb 2023 21:43:53 GMT
cache-control: public, max-age=1209600
age: 36407
etag: 2161395064574532456
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d.clarity.ms/collect
40.76.174.66204 No Content 0 B IP 40.76.174.66:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 51294
Origin: https://hatinco.com
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://hatinco.com
access-control-allow-credentials: true
date: Fri, 03 Feb 2023 07:50:40 GMT
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/pages/_app-88bf420a57d49e33be53.js
192.229.233.25200 OK 668 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/pages/_app-88bf420a57d49e33be53.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (1338), with no line terminators
Hash a89c7430b892cb0e48c80509386cce38
2db0ffe7707d4ea752666b85d613b19ac3e32e29
06f314d281c0480b56cccf3fadc95acf6e6a95c7b0bb5860923d32fda9c88b37
GET /_next/static/chunks/pages/_app-88bf420a57d49e33be53.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 117713
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:40 GMT
Etag: "2856f57c62c238a564ef576bbc50ca4a+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 668
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js
192.229.233.25200 OK 1.3 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (13508), with no line terminators
Hash ceaefa8dbb25d1fcdcc03eb51b3bad58
31a55bb25041e12c5baf5e3c10c1ca9f1224d2c2
b20cdf2d284b3138299ad84c4840bb787d204faa201049a7ea417bdadbf76d98
GET /_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 814046
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:40 GMT
Etag: "e78034c651c8a81b2acd83dc7e7ad407+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1290
platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_buildManifest.js
192.229.233.25200 OK 451 B URL HTTP/1.1 platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_buildManifest.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (1325), with no line terminators
Hash 7fd2849742282ee323e46e5068b5d59f
aaa75f6f3cdcd73e3fad4cf5dfafe67283b2fcea
ef5371b79b0be51f24f7ccba4abbf57ff5a16745ca7303cd4f958180a302fc02
GET /_next/static/2DCA_RcotTBMjJMowAtrp/_buildManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 117713
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:40 GMT
Etag: "bd9a3afe8a64146469f036be13628170+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 451
platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_ssgManifest.js
192.229.233.25200 OK 76 B URL HTTP/1.1 platform.twitter.com/_next/static/2DCA_RcotTBMjJMowAtrp/_ssgManifest.js
IP 192.229.233.25:0
File type ASCII text, with no line terminators
Hash abee47769bf307639ace4945f9cfd4ff
c0a0dc51ee8a2852baf5ff30c33b1478ff302585
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
GET /_next/static/2DCA_RcotTBMjJMowAtrp/_ssgManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 117663
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:40 GMT
Etag: "abee47769bf307639ace4945f9cfd4ff"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 76
platform.twitter.com/_next/static/chunks/16.83edf0a92864b221c4c2.js
192.229.233.25200 OK 12 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/16.83edf0a92864b221c4c2.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (38311), with no line terminators
Hash e9152435e6cbecaad6c1606afd0edf57
a396f1f0a5615066aabab74644fedd50ec360fe5
17e23603b958fb3c95f0783f6305781d16a4dd966a9592d2facd56d4f9678398
GET /_next/static/chunks/16.83edf0a92864b221c4c2.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 117713
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:40 GMT
Etag: "cc91d8b3ed42cb1fdceb72053c094b19+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F706)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12051
platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
192.229.233.25200 OK 7.7 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (23122), with no line terminators
Hash 73baa3debbf84cb65f7e594ac3fba515
e78e5f5502aa0699efa7946012a52918d4dbff57
9fd4a9285078cb2898430bf965b39ca27b98fb48f0a97f52746ccad0f87e73fc
GET /_next/static/chunks/2.691622e4391d1973cb65.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 814046
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:40 GMT
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 7674
platform.twitter.com/_next/static/chunks/6.23c33d3dbf51f67f2970.js
192.229.233.25200 OK 1.3 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/6.23c33d3dbf51f67f2970.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (2558), with no line terminators
Hash fbfe9c7bbfc4a737388d8eaf1fbcf291
5fa25c339b216d7f437a9ab355f9f64372b1a1c2
7fe34550767b1cffdba1f955cfc374520ec909fe76799eb43a1daed3e5f681a9
GET /_next/static/chunks/6.23c33d3dbf51f67f2970.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 117713
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:41 GMT
Etag: "0e9ca787dfdcbf5ffeb7df678ec8f6df+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1276
platform.twitter.com/_next/static/chunks/1.33d5194e3e24fe3f42e2.js
192.229.233.25200 OK 39 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/1.33d5194e3e24fe3f42e2.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 298a7dfda72b1dc8e83328c282f202a4
348d741871e8c92950faf30fc5bf6a60adb02ee0
99654e867ed549caf1f6dcdba8afa1bd0ea2f3c089f7daded0a49fdf5af34e08
GET /_next/static/chunks/1.33d5194e3e24fe3f42e2.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 117713
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:41 GMT
Etag: "eede84fca518a97ffc0d7f8a062820b9+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 39063
platform.twitter.com/_next/static/chunks/4.c99a76747fd916e95958.js
192.229.233.25200 OK 67 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/4.c99a76747fd916e95958.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6daaa66e067adf091d7d7417f8ba56dd
fa37d93fa118af2d2be630e6a0044f58b6a4fda1
655fef49b15129489c6375f65bcc70a9cc7e0f15e03f79208ad34100d6805715
GET /_next/static/chunks/4.c99a76747fd916e95958.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 814046
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:41 GMT
Etag: "813fe12fe49871b42d9cd17b5f80c663+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:31 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 66820
platform.twitter.com/_next/static/chunks/3.9ea9198afb6f33351d13.js
192.229.233.25200 OK 166 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/3.9ea9198afb6f33351d13.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 166 kB (166211 bytes)
Hash d8fe79e8f967becafd075c41f3d2e07e
994c1be5605fc5d731f0e5ed6c338b43a930598a
163f0ff4acdf6f882ca2cf34d586dbf1529330d4d4a32d46b2b6ea78b1097b14
GET /_next/static/chunks/3.9ea9198afb6f33351d13.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 117713
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:41 GMT
Etag: "b504a1691341799c78aca542f5795340+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FE)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 166211
platform.twitter.com/_next/static/chunks/ondemand.Dropdown.d3a078133b9e5555597a.js
192.229.233.25200 OK 2.8 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/ondemand.Dropdown.d3a078133b9e5555597a.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (7266), with no line terminators
Hash 8be16d98914bca0c28d6ca4ff70da965
482e130207a08ea6477aae9e0e7cff18e43b1a99
d4780fd20a4b9f4ab4e00778ea83cdd250fe047735485b0b5fb782fc872dd3a3
GET /_next/static/chunks/ondemand.Dropdown.d3a078133b9e5555597a.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 117663
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:41 GMT
Etag: "ee85bb78f0eb1080fd5fc8c4d4cddbb8+gzip"
Last-Modified: Wed, 01 Feb 2023 23:04:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F705)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2822
abs-0.twimg.com/emoji/v2/svg/1f1f5-1f1f8.svg
104.244.43.131200 OK 264 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f1f5-1f1f8.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (396), with no line terminators
Hash 57731d81d8fe01e30aa7578e40927438
35273393cb82e010ee29061004dec418f45f5327
92f6d610325738bfdccca63c0eeebf66821aa667f28fd469aa0669d3d5265079
GET /emoji/v2/svg/1f1f5-1f1f8.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "ivk0dw1LJhK32hDEu4xIbQ=="
expires: Wed, 22 Mar 2023 08:21:06 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:30:47 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Fri, 03 Feb 2023 07:50:41 GMT
x-served-by: cache-fty21323-FTY, cache-bma1683-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 264
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f449.svg
104.244.43.131200 OK 372 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f449.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (563), with no line terminators
Hash 16bd066bf4791dd0b06522e8f36c11b1
5d009c2dfd0fd93f1d44aa0585ad9be9a84a9883
a33a3fe7a8e83df9a3083446f2d951a68a6c0b7f7ee22171f48b4ebeadce1a47
GET /emoji/v2/svg/1f449.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "Ay2Qf/SaY+B1fK3V82qyFg=="
expires: Wed, 08 Jun 2022 10:38:51 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:30:55 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Fri, 03 Feb 2023 07:50:42 GMT
x-served-by: cache-fty21376-FTY, cache-bma1683-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 372
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js
192.229.233.25200 OK 42 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 47d134ddc26f8303a63f5077210e691d
208e6b463d3f86f8d627c9cc9b4e8a0ba4dc3adf
a4b68569485df549adb77e2c5ba911661d62f141e65678b7523e685822e5a05f
GET /_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 814048
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:42 GMT
Etag: "5e006b62c5bde14eb6fa194e2cee465c+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 41941
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
142.250.74.163200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 10:05:58 GMT
expires: Fri, 02 Feb 2024 10:05:58 GMT
cache-control: public, max-age=31536000
age: 78284
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
abs.twimg.com/sticky/animations/like.4.json
152.199.21.141200 OK 1.9 kB URL HTTP/2 abs.twimg.com/sticky/animations/like.4.json
IP 152.199.21.141:0
File type ASCII text, with very long lines (24291)
Hash c5203df5bd1440c2fdf4b44f0eb3116a
6b928e79e59b281eb5b9f5c2ad608f81078b5869
0b638ce107a37db0734fcd82af97d1dd575c246d737949c5414aa1dc549540e3
GET /sticky/animations/like.4.json HTTP/1.1
Host: abs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndication.twitter.com/
Origin: https://syndication.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 9125963
content-type: application/json
date: Fri, 03 Feb 2023 07:50:42 GMT
etag: "YKYmOkwIx9KztN7bQT7x8g=="
expires: Sat, 03 Feb 2024 07:50:42 GMT
last-modified: Thu, 20 Oct 2022 16:50:56 GMT
perf: 7626143928
server: ECAcc (ska/F695)
strict-transport-security: max-age=631138519
surrogate-key: twitter-assets
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
vary: Accept-Encoding
x-cache: HIT
x-connection-hash: 00620de26479f72103b0d6f4ca0873a782dd4164b4c1379a9b6b21190ad4a58b
x-content-type-options: nosniff
x-response-time: 10
x-ton-expected-size: 24292
x-transaction-id: 80afab27525733bc
content-length: 1897
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1675410672294%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22HatProgrammers%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22HatProgrammers%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%2200b6859%3A1675273547005%22%2C%22widget_data_source%22%3A%22screen-name%3AHatProgrammers%22%7D&session_id=7f330dad7651239b242f3909de7ac99f53afd0e1
104.244.42.8200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1675410672294%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22HatProgrammers%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22HatProgrammers%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%2200b6859%3A1675273547005%22%2C%22widget_data_source%22%3A%22screen-name%3AHatProgrammers%22%7D&session_id=7f330dad7651239b242f3909de7ac99f53afd0e1
IP 104.244.42.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1675410672294%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22HatProgrammers%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22HatProgrammers%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%2200b6859%3A1675273547005%22%2C%22widget_data_source%22%3A%22screen-name%3AHatProgrammers%22%7D&session_id=7f330dad7651239b242f3909de7ac99f53afd0e1 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/HatProgrammers?creatorScreenName=HatProgrammers&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19idXNpbmVzc192ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmx1ZV92ZXJpZmllZF9iYWRnZSI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19nb3ZfdmVyaWZpZWRfYmFkZ2UiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYnVzaW5lc3NfYWZmaWxpYXRlX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=1000px&origin=https%3A%2F%2Fhatinco.com%2FCBMiRmh0dHBzOi8vd3d3Lm1ha2V1c2VvZi5jb20vc2h1dHRlcnN0b2NrLWFpLWltYWdlLWdlbmVyYXRvci11c2VyLWltcGFjdC_SAQAoc5.htm&sessionId=7f330dad7651239b242f3909de7ac99f53afd0e1&showHeader=true&showReplies=false&siteScreenName=HatProgrammers&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 07:50:41 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Fri, 03 Feb 2023 07:50:42 GMT
content-length: 43
x-transaction-id: 44bcf88e4dbe7beb
strict-transport-security: max-age=631138519
x-response-time: 111
x-connection-hash: 500f61e0ac0b5cf8c262f06d87552a3f2ea8b8b445081729002ff6bcb5a0bd1a
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqqlH37pPF2TH_r2P5oouNjnpcSHFAQstQrFexk99kHmhYNoDHk-Cw8a8iN8w4CRqwAzIbTIuLhrU9Ch1VnsKBeBURc3fJyXJrLGp1hbU_UBHsQamnBt1c5bj25lqCNrnOfTr2LA&sai=AMfl-YRP9NQxEqO67Inkc4YbZHi5JzTBsdvekUSrh3vAuAZCtlJjsQaE8qOqRp9OVx6LwA06LOrQehFOURKs_BtGuvvmqc0qqgjtUGZU_0UpqlBnKHVUv7UIPWEABFllznIAZCLp697-lgJGg41P&sig=Cg0ArKJSzBfFWlaXYUKdEAE&cid=CAQSSwDUE5ymMhgz0HqLiteKu7gFu6GJATqgIYZMJipivcBPqzwkHyp2dchVXpENBrpjvzE-U31tNcpJX75fGZStf7geS1H0aCVueAtteRgB&id=lidar2&mcvt=1249&p=0,0,124,1005&mtos=316,1233,1249,1249,1249&tos=316,917,16,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1675410670534&rpt=632&met=mue&wmsd=0&pbe=0&vae=0&spb=0
142.250.74.66200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqqlH37pPF2TH_r2P5oouNjnpcSHFAQstQrFexk99kHmhYNoDHk-Cw8a8iN8w4CRqwAzIbTIuLhrU9Ch1VnsKBeBURc3fJyXJrLGp1hbU_UBHsQamnBt1c5bj25lqCNrnOfTr2LA&sai=AMfl-YRP9NQxEqO67Inkc4YbZHi5JzTBsdvekUSrh3vAuAZCtlJjsQaE8qOqRp9OVx6LwA06LOrQehFOURKs_BtGuvvmqc0qqgjtUGZU_0UpqlBnKHVUv7UIPWEABFllznIAZCLp697-lgJGg41P&sig=Cg0ArKJSzBfFWlaXYUKdEAE&cid=CAQSSwDUE5ymMhgz0HqLiteKu7gFu6GJATqgIYZMJipivcBPqzwkHyp2dchVXpENBrpjvzE-U31tNcpJX75fGZStf7geS1H0aCVueAtteRgB&id=lidar2&mcvt=1249&p=0,0,124,1005&mtos=316,1233,1249,1249,1249&tos=316,917,16,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1675410670534&rpt=632&met=mue&wmsd=0&pbe=0&vae=0&spb=0
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsuqqlH37pPF2TH_r2P5oouNjnpcSHFAQstQrFexk99kHmhYNoDHk-Cw8a8iN8w4CRqwAzIbTIuLhrU9Ch1VnsKBeBURc3fJyXJrLGp1hbU_UBHsQamnBt1c5bj25lqCNrnOfTr2LA&sai=AMfl-YRP9NQxEqO67Inkc4YbZHi5JzTBsdvekUSrh3vAuAZCtlJjsQaE8qOqRp9OVx6LwA06LOrQehFOURKs_BtGuvvmqc0qqgjtUGZU_0UpqlBnKHVUv7UIPWEABFllznIAZCLp697-lgJGg41P&sig=Cg0ArKJSzBfFWlaXYUKdEAE&cid=CAQSSwDUE5ymMhgz0HqLiteKu7gFu6GJATqgIYZMJipivcBPqzwkHyp2dchVXpENBrpjvzE-U31tNcpJX75fGZStf7geS1H0aCVueAtteRgB&id=lidar2&mcvt=1249&p=0,0,124,1005&mtos=316,1233,1249,1249,1249&tos=316,917,16,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1675410670534&rpt=632&met=mue&wmsd=0&pbe=0&vae=0&spb=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Fri, 03 Feb 2023 07:50:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env
142.250.74.66200 OK 39 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env
IP 142.250.74.66:0
File type ASCII text, with very long lines (65472)
Hash a7a8f4f2b3fafd8abe7d50c8698f776e
1ce200eecaf029dbed96bcbacdfacd306aff040b
9292f6048bc2425d2be0becfb3e11d26247838ca5a27c8c00b1dcfefaf672b6f
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hatinco.com
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Fri, 03 Feb 2023 07:50:42 GMT
server: cafe
content-length: 11113
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/781883064343531520/71EdkJf4_normal.jpg
151.101.244.159200 OK 1.9 kB URL HTTP/2 pbs.twimg.com/profile_images/781883064343531520/71EdkJf4_normal.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash 44c0ccc38d3790bb82bb4441b3aa6c78
232fe3039b4cf717acd885afaaaad8c8bf39e3dc
9ec3e2fecb384919959c1fbc95940fc95b9dc10bcfac0a3a5f96f92cea5fbec5
GET /profile_images/781883064343531520/71EdkJf4_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Fri, 30 Sep 2016 15:45:03 GMT
x-transaction-id: d774a6b49264ddf5
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Fri, 03 Feb 2023 07:50:42 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7374-LHR, cache-hel1410034-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1883
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js
172.67.38.66200 OK 94 B URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js
IP 172.67.38.66:0
File type ASCII text, with no line terminators
Hash 913b447ec871ab7eec8bec1005ff8e77
f95d547853ca5c389299636dfc202157042bb4c5
49aee71bb91db74830cb43c94ad5aeaf0d1e4e82de7006266707bca0ef046155
GET /_s/v4/app/63b77dcd282/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hatinco.com
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 07:50:42 GMT
content-type: application/javascript
age: 772779
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793993c51ff31c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5314f1087266189144982b464f4aa7a6
438b5a17b9060f6825331348aa3797ab1c15895d
fb7d5ec834d28c99f6430703c002c24a9caf50b7701a369cbd69e51576f1e73c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5898
x-amzn-requestid: 50d6181d-6804-48ab-bc38-9fcaf4da1bc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fZALWF5IIAMFv5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d37a48-2e2e53124ce2f9eb31290ec4;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:16:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9Jus6UYlOGiDdqLBxJ387FMtEAST6THfW-oz6gjgFzKzchCdwUCcvQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 03:13:49 GMT
age: 16614
etag: "438b5a17b9060f6825331348aa3797ab1c15895d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=85AA68E6A46348DBA8EB4C98DE381E6B&RedC=c.clarity.ms&MXFR=0FFCFACDC2AE659C1BDEE860C6AE6BD6
204.79.197.200302 Found 4.0 kB URL HTTP/2 c.bing.com/c.gif?CtsSyncId=85AA68E6A46348DBA8EB4C98DE381E6B&RedC=c.clarity.ms&MXFR=0FFCFACDC2AE659C1BDEE860C6AE6BD6
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash ae843ee95e549e867dba1e4e8ce7e48a
37e047654e98906a0b37248bd7af0f872a79bcbb
24feb6fbb27021440168727c7a4e132779fea10b871af475403c921e1f6f6678
GET /c.gif?CtsSyncId=85AA68E6A46348DBA8EB4C98DE381E6B&RedC=c.clarity.ms&MXFR=0FFCFACDC2AE659C1BDEE860C6AE6BD6 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hatinco.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=85AA68E6A46348DBA8EB4C98DE381E6B&MUID=2ABA75D0244D6F8612B1677D251A6E6C
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=2ABA75D0244D6F8612B1677D251A6E6C; domain=c.bing.com; expires=Wed, 28-Feb-2024 07:50:43 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 66C940B471DE4635AADCD5C41E4E61B5 Ref B: OSL30EDGE0319 Ref C: 2023-02-03T07:50:43Z
date: Fri, 03 Feb 2023 07:50:43 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=85AA68E6A46348DBA8EB4C98DE381E6B&MUID=2ABA75D0244D6F8612B1677D251A6E6C
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=85AA68E6A46348DBA8EB4C98DE381E6B&MUID=2ABA75D0244D6F8612B1677D251A6E6C
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=85AA68E6A46348DBA8EB4C98DE381E6B&MUID=2ABA75D0244D6F8612B1677D251A6E6C HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hatinco.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
accept-ranges: bytes
etag: "b1c8df6cb32ad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Fri, 03-Feb-2023 08:00:44 GMT; path=/; SameSite=None; Secure;
date: Fri, 03 Feb 2023 07:50:43 GMT
content-length: 42
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p74tt3doRE9DKoD5cpPKriYPFEQhq7f3Xf8vhgNNz7QhZNIvdc6NQQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:05:18 GMT
age: 35126
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d.clarity.ms/collect
40.76.174.66204 No Content 118 B IP 40.76.174.66:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 642cc7fe433730863a2a4aa42c7d6f3f
c05acfe8ca7107d5e8af44f17f607d5c30a58e79
5faae667f7933f5079f0655f81bed6c70f19b4beb872e07fea3e28f17f2efeab
POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 43962
Origin: https://hatinco.com
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://hatinco.com
access-control-allow-credentials: true
date: Fri, 03 Feb 2023 07:50:44 GMT
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 07:50:38 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/12/2022 14:32:07
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: d59b1bc690982b057c0e17bb58696d82
cdn-cache: HIT
cf-cache-status: HIT
age: 1861954
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 793993abda55b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
IP 104.18.10.207:0
GET /bootstrap/3.3.4/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 07:50:38 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-cachedat: 2021-06-08 21:21:50
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: f1a63d5f30f27f962c892e22b614a26b
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 20854827
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 793993ac4ae9b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Lora&family=Roboto+Slab&display=swap
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Lora&family=Roboto+Slab&display=swap
IP 142.250.74.138:0
GET /css2?family=Lora&family=Roboto+Slab&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 07:50:38 GMT
date: Fri, 03 Feb 2023 07:50:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
embed.tawk.to/5e4a43f1a89cda5a18865423/default
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/5e4a43f1a89cda5a18865423/default
IP 172.67.38.66:0
GET /5e4a43f1a89cda5a18865423/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hatinco.com
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 07:50:39 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63b77dcd282"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2433
x-content-type-options: nosniff
server: cloudflare
cf-ray: 793993aeac5e1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/3.3.4/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 07:50:38 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617, 617
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-cachedat: 2021-06-08 14:01:04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 33fc7f6c64f18e27ebb95ab9e21d92ab
cdn-cache: HIT
cf-cache-status: HIT
age: 20852158
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 793993ac5affb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.clarity.ms/tag/a6kusk7t0h?ref=bwt
13.107.238.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/a6kusk7t0h?ref=bwt
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/a6kusk7t0h?ref=bwt HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=15e5e4476ba34bbd8f1c43e8867526fa.20230203.20240203; expires=Sat, 03 Feb 2024 07:50:39 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
x-cache: CONFIG_NOCACHE
x-azure-ref: 0z7zcYwAAAADLpbXJjzhrQYh9FJlaJA5tQ1BIMzBFREdFMDQxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 03 Feb 2023 07:50:39 GMT
X-Firefox-Spdy: h2
www.clarity.ms/tag/a6kusk7t0h?ref=gtm2
13.107.238.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/a6kusk7t0h?ref=gtm2
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/a6kusk7t0h?ref=gtm2 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=6fbe00359c07435ea1e9cd6ab1ed747a.20230203.20240203; expires=Sat, 03 Feb 2024 07:50:39 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-cache: CONFIG_NOCACHE
x-azure-ref: 0z7zcYwAAAADALvdQ2l1XR7J07oE/CDGsQ1BIMzBFREdFMDQxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 03 Feb 2023 07:50:39 GMT
X-Firefox-Spdy: h2
www.clarity.ms/eus/s/0.7.1/clarity.js
13.107.238.53200 OK 0 B URL HTTP/2 www.clarity.ms/eus/s/0.7.1/clarity.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatinco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d936557825629e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-azure-ref-originshield: 0r8jbYwAAAACXLVLHNYLlSa6dlqEW0+VpRlJBMjMxMDUwNDE4MDA5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-azure-ref: 0z7zcYwAAAACPrdJiA11fRYL7SIgdZG6XQ1BIMzBFREdFMDQxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 03 Feb 2023 07:50:39 GMT
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/0.12059cc9aae4f779ab68.js
192.229.233.25200 OK 0 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/0.12059cc9aae4f779ab68.js
IP 192.229.233.25:0
GET /_next/static/chunks/0.12059cc9aae4f779ab68.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 814046
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 07:50:41 GMT
Etag: "145185fec2c06c3409682e5df48acdf8+gzip"
Last-Modified: Wed, 18 Jan 2023 22:54:32 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 106305