Overview

URL w1.msswol.com/prod/38c23a91-dd81-4cd9-8eb3-bde2549e352b/b22ab12a-a3f6-48fa-89b4-7dfb7835292b
IP34.204.222.45
ASNAMAZON-AES
Location United States
Report completed2022-09-21 16:34:34 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-21 2 w1.msswol.com/prod/38c23a91-dd81-4cd9-8eb3-bde2549e352b/b22ab12a-a3f6-48fa- (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (16)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-21 04:18:32 UTC 143.204.55.49
mnemonic passive DNS ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2022-09-21 04:19:35 UTC 192.124.249.36
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-21 04:20:37 UTC 35.164.146.235
mnemonic passive DNS events.api.secureserver.net (2) 125179 2020-06-23 03:18:34 UTC 2022-09-21 10:37:21 UTC 184.31.15.241
mnemonic passive DNS w1.msswol.com (1) 0 2022-06-14 16:18:57 UTC 2022-09-21 16:34:20 UTC 3.223.208.36 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-21 10:25:05 UTC 143.204.55.35
mnemonic passive DNS www.hastingsus.com (1) 0 2020-02-29 19:19:37 UTC 2022-09-21 16:34:22 UTC 160.153.136.3 Unknown ranking
mnemonic passive DNS img6.wsimg.com (1) 15438 2020-02-20 07:56:58 UTC 2022-09-21 10:37:21 UTC 23.36.79.43
mnemonic passive DNS hastingsus.com (1) 0 2020-02-29 19:19:37 UTC 2022-09-21 16:34:22 UTC 160.153.136.3 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-21 04:18:22 UTC 23.36.77.32
mnemonic passive DNS img1.wsimg.com (36) 9893 2012-06-20 14:42:31 UTC 2022-09-21 08:03:48 UTC 23.36.79.43
mnemonic passive DNS ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-09-21 04:20:12 UTC 142.250.74.3
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-21 14:38:57 UTC 34.120.237.76
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-21 04:20:37 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-21 15:45:34 UTC 93.184.220.29
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-21 09:49:55 UTC 142.250.74.174


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.204.222.45

Date UQ / IDS / BL URL IP
2022-09-28 04:45:13 +0000
0 - 0 - 1 w1.mssprr.com/prod/689e3b8a-29b9-48a4-966f-10 (...) 34.204.222.45
2022-09-28 04:00:09 +0000
0 - 0 - 1 w1.mssprr.com/prod/open/0ccd2225-477b-4dce-8c (...) 34.204.222.45
2022-09-28 04:00:08 +0000
0 - 0 - 1 w1.mssprr.com/prod/unsubscribe-confirm/131100 (...) 34.204.222.45
2022-09-28 01:04:52 +0000
0 - 0 - 1 w1.mssxhb.com/prod/e56683ce-fb04-41d6-9018-19 (...) 34.204.222.45
2022-09-26 15:00:51 +0000
0 - 0 - 1 w1.msstmc.com/prod/unsubscribe-confirm/fc1cf8 (...) 34.204.222.45

Last 5 reports on ASN: AMAZON-AES

Date UQ / IDS / BL URL IP
2022-12-05 20:45:20 +0000
36 - 0 - 0 glacier0nline.ddns.net/ 44.208.21.66
2022-12-05 20:42:42 +0000
0 - 0 - 3 uyfox.adthereis.buzz/FVWAO?tag_id=958707&sub_ (...) 52.20.131.174
2022-12-05 20:32:25 +0000
0 - 0 - 1 thedeadpit.com/parking.php 52.71.57.184
2022-12-05 20:22:30 +0000
0 - 0 - 0 rum.browser-intake-datadoghq.com/api/v2/rum 3.233.159.140
2022-12-05 20:21:03 +0000
0 - 0 - 3 mbas.org.sg/ 34.226.77.200

Last 5 reports on domain: msswol.com

Date UQ / IDS / BL URL IP
2022-12-05 05:47:48 +0000
0 - 0 - 1 w1.msswol.com/prod/unsubscribe-confirm/d22e1f (...) 35.169.203.233
2022-12-05 05:47:35 +0000
0 - 0 - 1 w1.msswol.com/prod/0d1310ca-008f-4b88-87c6-e9 (...) 35.169.203.233
2022-11-28 07:43:15 +0000
0 - 0 - 1 w1.msswol.com/prod/0566d334-b7b0-489d-b3a4-2f (...) 44.198.6.24
2022-11-26 04:26:16 +0000
0 - 0 - 1 w1.msswol.com/prod/unsubscribe-confirm/d22e1f (...) 35.169.203.233
2022-11-18 05:32:31 +0000
0 - 0 - 1 w1.msswol.com/prod/cdcf8e28-c59b-412c-84af-8e (...) 3.223.208.36

Last 3 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-05 05:47:35 +0000
0 - 0 - 1 w1.msswol.com/prod/0d1310ca-008f-4b88-87c6-e9 (...) 35.169.203.233
2022-11-28 07:43:15 +0000
0 - 0 - 1 w1.msswol.com/prod/0566d334-b7b0-489d-b3a4-2f (...) 44.198.6.24
2022-11-18 05:32:31 +0000
0 - 0 - 1 w1.msswol.com/prod/cdcf8e28-c59b-412c-84af-8e (...) 3.223.208.36


JavaScript

Executed Scripts (60)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (63)


Request Response
                                        
                                            GET /prod/38c23a91-dd81-4cd9-8eb3-bde2549e352b/b22ab12a-a3f6-48fa-89b4-7dfb7835292b HTTP/1.1 
Host: w1.msswol.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         3.223.208.36
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Date: Wed, 21 Sep 2022 16:34:22 GMT
Content-Length: 180
Connection: keep-alive
X-Powered-By: Express
Location: http://www.hastingsus.com/?msID=b22ab12a-a3f6-48fa-89b4-7dfb7835292b
Vary: Accept


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   180
Md5:    46defd19cc3c8ab53d2cf44b3a1e564d
Sha1:   36f497bafe7dcf975d2a8a223a83dee075f9b431
Sha256: dabe598db6d1b95f184d4480df9700bd56b414f924b6354f1d19ad93f31cbd1e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6001
Expires: Wed, 21 Sep 2022 18:14:23 GMT
Date: Wed, 21 Sep 2022 16:34:22 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 16:13:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5MSS-b8Y54yLLpqJF5a83eZcDhT3f_umbErkClrubaLSj3dM5wJo_g==
Age: 1244


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: q5Mio4YYmqYAW-wi0liw6RHxHhQfVNDFwcpXkFl1ugTG7k0agBBcFA==
age: 43149
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 21 Sep 2022 16:34:22 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /?msID=b22ab12a-a3f6-48fa-89b4-7dfb7835292b HTTP/1.1 
Host: www.hastingsus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         160.153.136.3
HTTP/1.1 302 Found
                                        
Connection: close
Pragma: no-cache
cache-control: no-cache
Location: /?msID=b22ab12a-a3f6-48fa-89b4-7dfb7835292b

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.36
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 21 Sep 2022 16:34:23 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 20 Sep 2022 22:47:13 GMT
Expires: Wed, 21 Sep 2022 22:47:13 GMT
ETag: "7694a8e52e3015799247443c139cdbe5c04f026d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    1e8e94d653304c0799b2128082da5024
Sha1:   7694a8e52e3015799247443c139cdbe5c04f026d
Sha256: 241f55e9b4df71beffc88c9f1274d2d2f9ab821d717b2cdbb8dcd255c151ddfe
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 16:03:22 GMT
Expires: Wed, 21 Sep 2022 16:42:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZGOtmHNAHkIIm7nvvTF58lusEXR8EhRyjMiQMa8SvpyOTkWTR_WEtg==
Age: 1861


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /poly/v2/polyfill.min.js?unknown=polyfill&flags=gated&features=default%2Cfetch%2CArray.prototype.%40%40iterator%2CArray.prototype.find%2CArray.prototype.findIndex%2CFunction.name%2CNumber.isFinite%2CPromise%2CString.prototype.repeat%2CMath.sign%2CMath.trunc%2CArray.prototype.includes%2CObject.entries%2CObject.values%2CObject.is%2CIntersectionObserver%2CIntl.~locale.en-US HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
content-length: 166
last-modified: Thu, 15 Sep 2022 15:25:32 GMT
content-encoding: gzip
accept-ranges: bytes
useragent_normaliser: firefox/96.0.0
access-control-allow-methods: GET,HEAD,OPTIONS
server-timing: cache-osl6520, PASS, fastly;desc="Edge time";dur=20
cache-control: public, max-age=172800, s-maxage=31536000
expires: Fri, 23 Sep 2022 16:34:23 GMT
date: Wed, 21 Sep 2022 16:34:23 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   166
Md5:    f5e02d8f4506ab627fd029a9bc83e559
Sha1:   1bcabaa3024c42dab0dbe14902c1b0434655d40f
Sha256: 9f97db0347e1c702fa9af6cedf119d6228caff50ce433dc58bc0a0e53fb7afde
                                        
                                            GET /ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.6.5.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 102975
x-version: 0.7.1+sha-f8fdc16
etag: "b1e0b52ad3e5f0c3e0ebf2084a9b2c3b"
last-modified: Fri, 19 Feb 2021 19:23:08 GMT
x-amzn-trace-id: Root=1-6030101b-4fd845c9320533c35be8a189
x-forwarded-port: 443
x-forwarded-for: 64.202.160.109
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:23 GMT
date: Wed, 21 Sep 2022 16:34:23 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (62912)
Size:   102975
Md5:    00cb34f0ba41b74af9c753379e6e6df2
Sha1:   7b1ed90a93b1dfb2840a6b3a7c77314c173180cb
Sha256: 2d96e8d70ff8dd23a03b64466bc1fd4b31b38e25c51fbb517a7c0f41c3040a56
                                        
                                            GET /gfonts/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 35764
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:23 GMT
date: Wed, 21 Sep 2022 16:34:23 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Size:   35764
Md5:    60f23230f1a8d5c3b7d25b73f5b5ce23
Sha1:   ed08ada85d017893b9bcb8224e99154c6708f5d2
Sha256: 22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
                                        
                                            GET /gfonts/s/lora/v26/0QIhMX1D_JOuMw_LIftL.woff2 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 39056
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:31 GMT
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:23 GMT
date: Wed, 21 Sep 2022 16:34:23 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 39056, version 1.0\012- data
Size:   39056
Md5:    ab20a3cbee44939ad33cb2d162484f23
Sha1:   f4df3e71cc8aebd85b6207d4ac35c76c602c2779
Sha256: 0a1dc89a4a29593bd35cc4811bfedd9765eeca4a9ef57323eec2cff14c9f9c5b
                                        
                                            GET /gfonts/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 35660
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:59 GMT
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:23 GMT
date: Wed, 21 Sep 2022 16:34:23 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 35660, version 1.0\012- data
Size:   35660
Md5:    0d0d3e5824e5e67a9e993960df2b67a9
Sha1:   328d67bb1d5899a7809df9f4385181863fd035f1
Sha256: 38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5035
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 16:34:23 GMT
Last-Modified: Wed, 21 Sep 2022 15:10:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /isteam/ip/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/LOGO_s-0001.png/:/rs=h:400/ll HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 6200
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1207142610
x-width: 292
x-height: 292
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:23 GMT
date: Wed, 21 Sep 2022 16:34:23 GMT
edge-cache-tag: /isteam/ip/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/LOGO_s-0001.png/:/rs=h:400/ll
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   6200
Md5:    19b3a5902286c03410f547279d5f1af5
Sha1:   6db557b3aeaff25a14d8655a4a41b380e6da9363
Sha256: 0586a9480d28d09a9dd770c4ff8f2869418a109252bd13fb0c0cadf085ae92c8
                                        
                                            GET /isteam/stock/ZV5rRqg/:/cr=t:0%25,l:17.91%25,w:43.17%25,h:100%25/rs=w:365,h:365,cg:true/qt=q:1 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 3368
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 3923771073
x-width: 365
x-height: 365
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:23 GMT
date: Wed, 21 Sep 2022 16:34:23 GMT
edge-cache-tag: /isteam/stock/ZV5rRqg
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3368
Md5:    1c281d553776ab0d87543e81f5cb9619
Sha1:   bd35bfa4e4b54d85789d29de1caf885d1991994a
Sha256: a617bd586905e531e3afe1fd27ad5886c96942b3a8c25276333dec31b2f19e8f
                                        
                                            GET /isteam/stock/6359/:/rs=w:365,h:365,cg:true,m/cr=w:365,h:365/qt=q:1 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 2272
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 2394146577
x-width: 365
x-height: 365
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:23 GMT
date: Wed, 21 Sep 2022 16:34:23 GMT
edge-cache-tag: /isteam/stock/6359
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2272
Md5:    627eede36f67a8cc9dab92434e3cc7b0
Sha1:   a179490a7ff97461e8bfe986200979a72601f9cc
Sha256: 610264de69b5ebc640ad5d6f8062bc86abbad325010d24a606ffa3f7e5014562
                                        
                                            GET /isteam/stock/pY3dyEV/:/rs=w:365,h:365,cg:true,m/cr=w:365,h:365/qt=q:1 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 3018
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1148342972
x-width: 365
x-height: 365
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:23 GMT
date: Wed, 21 Sep 2022 16:34:23 GMT
edge-cache-tag: /isteam/stock/pY3dyEV
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3018
Md5:    baf08eea93f7da59f33c6bb6181d9769
Sha1:   826964830c1de32141dc3fe79d5a301275ed9dd1
Sha256: f6d261001c2267c9f55bfcb2e28260779bd70656bb8d37e6a4c190f9aba79a1d
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gPWJr2lz855EFJluEPpFTg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.164.146.235
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Hhx11agjqHawAYIEO9/s3SOCakk=

                                        
                                            GET /blobby/go/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/gpub/a07222fc02d26f24/script.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 3394
x-version: 0.7.1+sha-f8fdc16
etag: "241253e2e3c310f683b25123a12e19e2"
last-modified: Tue, 23 Feb 2021 06:02:30 GMT
x-amzn-trace-id: Root=1-60349a75-596f09f83f21d4523187b2f7
x-forwarded-port: 443
x-forwarded-for: 64.202.160.109
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:23 GMT
date: Wed, 21 Sep 2022 16:34:23 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14929), with no line terminators
Size:   3394
Md5:    9ce7b3f9f6bd51b04d385b222035a6fc
Sha1:   e340c0c83277722f65d90414a28a1927d8a50955
Sha256: 140c3b7097880736d44be0bdcd37e462e2d052c9461dd0e832013b5958cf0d80
                                        
                                            GET /blobby/go/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/gpub/fa9f889701851ff1/script.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 9319
x-version: 0.7.1+sha-f8fdc16
etag: "d9d4cf88c5e6e48e470edfb53ca6097f"
last-modified: Tue, 23 Feb 2021 06:02:30 GMT
x-amzn-trace-id: Root=1-60349a75-54193e912a3aaeda3560eeee
x-forwarded-port: 443
x-forwarded-for: 64.202.160.109
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:23 GMT
date: Wed, 21 Sep 2022 16:34:23 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (46595), with no line terminators
Size:   9319
Md5:    df1b461b3d99b3cd65c48a5dcec0fccf
Sha1:   a7662f440c51f2c41920cdafe1d63bc094658515
Sha256: 334d0329d246a7b571363e8a21ab27fdc63e5358f3863d8b27c7eb7a609ad653
                                        
                                            GET /isteam/stock/67150/:/cr=t:2.83%25,l:2.83%25,w:94.34%25,h:94.34%25/rs=w:50,cg:true,mx/qt=q:1 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 448
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1968262019
x-width: 50
x-height: 33
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
edge-cache-tag: /isteam/stock/67150
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   448
Md5:    4bfba19478f10c3e5b6814bdbbc15a58
Sha1:   e35fb7c78d94c4760e059064ff15d02b0cfcd0f2
Sha256: 0dc451994fac5e38a1ac04954b563b448dab47c14516f17d4956eea1f2165fb7
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-_commonjsHelpers-6f995b5b.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 289
x-version: 0.7.1+sha-f8fdc16
etag: "42ebe837c6d9e64f008416b1534f548f"
last-modified: Tue, 22 Sep 2020 21:14:27 GMT
x-amzn-trace-id: Root=1-5f6a6932-a01e9709763b178436ffbcb8
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (392)
Size:   289
Md5:    19aa9b3e3f24dee248cf222b5ce6ebc8
Sha1:   6a15fbc19d8200b3d73304898100fbe0f499b3c4
Sha256: 9efae2a5f0ba073e574554fede2ee20914725071ced620d0ad7c495a1417cb60
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-af9120e0.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 352
x-version: 0.7.1+sha-f8fdc16
etag: "077ee05f6f4bbf2e0ff9ef5b657691c1"
last-modified: Thu, 10 Sep 2020 22:21:24 GMT
x-amzn-trace-id: Root=1-5f5aa6e0-49fa678ed5162be7cda3abb0
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (516)
Size:   352
Md5:    9650aa98af547750bbfdb38940374c62
Sha1:   2460e8c443f94a16214680b8680d84c3a33d008f
Sha256: 6c04a81bf4cbca57f16770243602e94a3b09121db5d30e28b3cb3d0cdc1436a2
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-defaultSocialIconPack-de218de9.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 5632
x-version: 0.7.1+sha-f8fdc16
etag: "41b60b2e85ee6335616d02772c4a0c2e"
last-modified: Thu, 10 Sep 2020 22:21:25 GMT
x-amzn-trace-id: Root=1-5f5aa6e4-52cbd058e4dfdea0a19a07de
x-forwarded-port: 443
x-forwarded-for: 64.202.160.106
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16435)
Size:   5632
Md5:    3fa2447da4ff283f8aaf408d52a066e3
Sha1:   e2b19fa7768c6164cd7221bd25e9e6aeac2603cf
Sha256: c82759e23976c29508c6dc118ef194dc97408d64aa74ba8a27710c6148876c89
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-headerTreatments-5b061043.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 1507
x-version: 0.7.1+sha-f8fdc16
etag: "ac2892b95e80c41d638d84ac2f258b3b"
last-modified: Fri, 19 Feb 2021 19:47:09 GMT
x-amzn-trace-id: Root=1-603015bc-2d488d4e4d503ce209465190
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3070)
Size:   1507
Md5:    af9c6a9e4c2855a37a557f6b57271b6f
Sha1:   3d5595938f0051964b9b1caec1c6f45d2728352d
Sha256: 57a45e29a4c729d7c31bd504fc8b0ffe55a774a83b048a27119f40cc1f095d64
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-71da3a1d.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 303
x-version: 0.7.1+sha-f8fdc16
etag: "e092abc6a9efd01cfe90a0e5ff12ab80"
last-modified: Mon, 25 Jan 2021 19:00:18 GMT
x-amzn-trace-id: Root=1-600f1541-1243659c6658c55008346f94
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (358)
Size:   303
Md5:    bc711aa969d24953cf32081b90e7f334
Sha1:   e97e2976d5b94490d592bb572165c480422d8128
Sha256: 92ed6a7aacf4e562cc0a157a67d65c90d8b97701a9785315b879be0dd0fc6766
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-9ad32511.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 696
x-version: 0.7.1+sha-f8fdc16
etag: "602d74492266962cd9653e221e298f54"
last-modified: Fri, 19 Feb 2021 19:47:08 GMT
x-amzn-trace-id: Root=1-603015bb-64186442316d54da4b9a0ea2
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1093)
Size:   696
Md5:    48dda716d2076b3bc642c36fb51156a6
Sha1:   1471d6a78a5d9ee4d87ef2f4ecc681a5cf104b91
Sha256: 5f4f10305fc50c3f49106d4138fbcf4202d940d4a9eeaf302db5e9d9eb3bf965
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-cc4720ff.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 728
x-version: 0.7.1+sha-f8fdc16
etag: "97341cc18727af1c3f72c7bc375f40e0"
last-modified: Tue, 12 Jan 2021 18:17:51 GMT
x-amzn-trace-id: Root=1-5ffde7ce-2b14641f5925392c24ec3c6a
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1288)
Size:   728
Md5:    59a250db6c5dd19fcd4c36b0e11c2f2e
Sha1:   0f45d00514cc35004199ba32cc1aa2959ee17147
Sha256: 19ef4fba75ae3a945d031e17e0c7f2c275f4c40c800ea52be068331f7b58cdb1
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-ec745dc3.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 53693
x-version: 0.7.1+sha-f8fdc16
etag: "1ebca823195e208b10235cd7f6e1fee4"
last-modified: Fri, 19 Feb 2021 19:47:10 GMT
x-amzn-trace-id: Root=1-603015bc-1de9105e6636664a1960002a
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   53693
Md5:    03134822b9ed59cbbe52f29b0a0b448e
Sha1:   2e348f88dc2ad1ee99538713d6dda5e8a86d6689
Sha256: 1be74cc7a3df8f5ae6df6b9cae42ec9fd1f178a0ddf638301ef638f38eb1905b
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-190a6a67.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 226
x-version: 0.7.1+sha-f8fdc16
etag: "65ad916650d2d7fef3d5101ae3f51c4c"
last-modified: Thu, 10 Sep 2020 22:21:26 GMT
x-amzn-trace-id: Root=1-5f5aa6e4-9ac614884d66a7b41e6bf0a9
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   226
Md5:    d20d707f192768c7ff06844b4492dc13
Sha1:   fc7d9d65cd45239ac944c273c22da4515e91430d
Sha256: eb6a69648064b15547d864b68f36bd5a77a355b8cae42d6f2421f1357f6c12dd
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-f1bd86ab.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 728
x-version: 0.7.1+sha-f8fdc16
etag: "3ccb03745ea03054aaa9d4128c23dd2d"
last-modified: Thu, 10 Sep 2020 22:21:26 GMT
x-amzn-trace-id: Root=1-5f5aa6e5-3433ddacb62b31b2febd219e
x-forwarded-port: 443
x-forwarded-for: 64.202.160.106
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3109)
Size:   728
Md5:    8ccffb059324d4970e791ffe25fd53d1
Sha1:   e814e2c6a4b403c91bdcdc61233c53ad51072098
Sha256: feb57c699013f54831c995fd3fd29e2ac47e1886943a03174d66622fba954bdc
                                        
                                            GET /isteam/stock/67150/:/cr=t:2.83%25,l:2.83%25,w:94.34%25,h:94.34%25/rs=w:1535,m HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 133850
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 150096165
x-width: 1535
x-height: 1004
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
edge-cache-tag: /isteam/stock/67150
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   133850
Md5:    94ac12b9050fa3864b8dbde8abb7fd41
Sha1:   ca4b04079f08cfd6e9452143ea7879d3829cb134
Sha256: e06c196bbc609be6ad669ae137197633bf039e2aa4ee2c0f9eb17deb06f16d17
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-themeOverrides-4d5d2f9c.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 408
x-version: 0.7.1+sha-f8fdc16
etag: "06819f7c90dabb294f3c6815e4667500"
last-modified: Tue, 02 Feb 2021 19:01:12 GMT
x-amzn-trace-id: Root=1-6019a177-2b32e9810bfb5d1311f99854
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (808)
Size:   408
Md5:    71cf568f26747b3043bf8de54ff74311
Sha1:   e405fa2d2b9fda6cde58d11119160f7f879757d5
Sha256: fbd8436c652951d20bf2724fc724f28698011ed9e64fda732ea744eeda73f410
                                        
                                            GET /blobby/go/static/radpack/@widget/MESSAGING/bs-Component-184da2fa.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 2649
x-version: 0.7.1+sha-f8fdc16
etag: "b89b1395df761e458bc304304cea9529"
last-modified: Tue, 08 Dec 2020 23:33:37 GMT
x-amzn-trace-id: Root=1-5fd00d50-417ee9776a75c4331b69cb6b
x-forwarded-port: 443
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8492)
Size:   2649
Md5:    ca058ed01a67fd7edcd9f63fddbfbe8f
Sha1:   3c641d17f1ab9378c22e7cb8f2b9f0fd849d563f
Sha256: 476b5695377a064236bc5b9381d40052f2d4e4f8b358b2d81f66a387804be6d4
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-8b87f88f.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 322
x-version: 0.7.1+sha-f8fdc16
etag: "c950ceaa9b54c1435b6d60c569bb8948"
last-modified: Wed, 21 Oct 2020 02:55:23 GMT
x-amzn-trace-id: Root=1-5f8fa31a-5676216307edf3d814421b90
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   322
Md5:    f76cb2988fff768e6d2fa91ce44cec39
Sha1:   65e45c845d61c0943ef5f89b31145d5a05f3021f
Sha256: 8542aee6f718a5c8cadd79164984ed616b91d3660780e0d8c3fbd08ded113a11
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/traffic2-f4096148.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 430
x-version: 0.7.1+sha-f8fdc16
etag: "56b37779e560b1f33dae335fcdf417e5"
last-modified: Tue, 01 Dec 2020 17:54:55 GMT
x-amzn-trace-id: Root=1-5fc6836e-274d6c4c70fec5b058af7bae
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (651)
Size:   430
Md5:    2bd483e0e1dbe2726d090c9581c8ca85
Sha1:   95fa1b87ddf4027b4223b06e86932d788aba2636
Sha256: 205d0e1c2faf95cb7b22234abcad7abae243b799ea1d790288ddfee6e46a6ad9
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Recaptcha/badge-a479b038.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 367
x-version: 0.7.1+sha-f8fdc16
etag: "8857679c4bd7c2c9238416f452bed34f"
last-modified: Wed, 21 Oct 2020 02:55:22 GMT
x-amzn-trace-id: Root=1-5f8fa319-4467925d4bc512bd5d8610c2
x-forwarded-port: 443
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   367
Md5:    a5c6e41c09faadb3c1c61691d2095174
Sha1:   aad16c94df292aa072454c6fdc55e1774153229b
Sha256: cb15a1744276298a8303612901f1b85d9d773663c5c591cb128b98e2bb25166f
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/bs-FlyoutMenu-Component-ed2c5b21.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 1248
x-version: 0.7.1+sha-f8fdc16
etag: "0851a3d17e1a5f8ec33a142592bc8378"
last-modified: Mon, 08 Feb 2021 18:05:00 GMT
x-amzn-trace-id: Root=1-60217d4b-3a2fcfe27a7f311138bcb50a
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3295)
Size:   1248
Md5:    e1bae38b3a32c72d2b1cb70a463cbe3c
Sha1:   be9add730d3ffba748b4bca7517e8038f996ab79
Sha256: 326864dd59c5e6d355fc4745759e24292d0ad94df9e01a847787409cffbd6cd9
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-Toggle-45b716a6.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 976
x-version: 0.7.1+sha-f8fdc16
etag: "4c0e199bd5e8e865104a5fe84e74a8f6"
last-modified: Thu, 10 Sep 2020 22:21:25 GMT
x-amzn-trace-id: Root=1-5f5aa6e4-ce26564143a059cabe8b0d1a
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2332)
Size:   976
Md5:    8afa3be3951fe6cb012cca6574172d20
Sha1:   59c7358e9bf8a05150ca4cb4d4227df36c96a7a8
Sha256: 691e82cbd30ef149c273bd9deffba8b7d5dd5348459b10f3414856c35b851f00
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/bs-LinkAwareComponent-1f0307e6.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 872
x-version: 0.7.1+sha-f8fdc16
etag: "e8e60f499d5db055a54fb28e29a7c0c1"
last-modified: Mon, 08 Feb 2021 18:05:01 GMT
x-amzn-trace-id: Root=1-60217d4c-20b0c123220466df2535e0d5
x-forwarded-port: 443
x-forwarded-for: 64.202.160.109
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1781)
Size:   872
Md5:    83b8e2c0dcc9e6427c2689c09dbe0300
Sha1:   0aaf22f34789e39755ceb76ac53565c08619b808
Sha256: e8c02b11288590ed624815f964ddc063e69d7906ae6a995e7eea09bbbb5d15ed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 16:34:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 21 Sep 2022 14:41:12 GMT
expires: Wed, 21 Sep 2022 16:41:12 GMT
cache-control: public, max-age=7200
age: 6792
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 16:34:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /isteam/ip/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/LOGO_s-0001.png/:/rs=w:180,h:180,m HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 4376
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 3056287551
x-width: 180
x-height: 180
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
edge-cache-tag: /isteam/ip/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/LOGO_s-0001.png/:/rs=w:180,h:180,m
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   4376
Md5:    aec315dee1ea97b7794d0b16a4191923
Sha1:   f9b97039186c536b824e733d445b6e68323d5a32
Sha256: 329c7fba7729c9ceba247e1a5515e721f2ab12e75e99c8bcd2d3c25db098f5de
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/bs-layout15-Theme-publish-Theme-c31d76cc.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 2103
x-version: 0.7.1+sha-f8fdc16
etag: "0f57b06c8e8a7133980383afd233f6fd"
last-modified: Fri, 19 Feb 2021 19:47:09 GMT
x-amzn-trace-id: Root=1-603015bc-4cee21863869863860c665e5
x-forwarded-port: 443
x-forwarded-for: 64.202.160.106
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
vary: Accept-Encoding
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6040)
Size:   2103
Md5:    d49f9d74bfb769a4ca74d113096bc342
Sha1:   160aa7fd63b33cc93b422f121e7dcc278540b436
Sha256: 8d8e21786629f74926ee5e4ff0ac6e218ea42842ce324d9126507e90af79e9b1
                                        
                                            GET /isteam/ip/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/favicon/024a6530-7e86-4c3e-b7c4-831b26f984d5.png/:/rs=w:16,h:16,m HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 322
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 2897505393
x-width: 16
x-height: 16
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Thu, 21 Sep 2023 16:34:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
edge-cache-tag: /isteam/ip/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/favicon/024a6530-7e86-4c3e-b7c4-831b26f984d5.png/:/rs=w:16,h:16,m
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   322
Md5:    1f5761baed5b140e73f67ec839274ad6
Sha1:   fd550a00cc7c2ee265b51f7fe018383e24944d50
Sha256: 46b37e6031cf6ae6630e3a8b1babe6289f127e5484cd253678fc86b88b204d55
                                        
                                            GET /tcc/tcc_l.combined.1.0.6.min.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 302 Found
                                        
content-length: 0
location: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
cache-control: max-age=1800
expires: Wed, 21 Sep 2022 17:04:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /traffic-assets/js/tccl.min.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hastingsus.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 302 Found
                                        
content-length: 0
location: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
cache-control: max-age=1800
expires: Wed, 21 Sep 2022 17:04:24 GMT
date: Wed, 21 Sep 2022 16:34:24 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js HTTP/1.1 
Host: img6.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hastingsus.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
accept-ranges: bytes
content-encoding: br
etag: "362d20193a8fed115f99b16a157b7fc4"
last-modified: Mon, 11 Apr 2022 14:15:53 GMT
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 15
x-edgeconnect-origin-mex-latency: 135
x-amz-id-2: 73c+ZpWNgBh9xtilh6Nj22iH/BmUfkHwAgj9PgWHmvdTmSCUhi96da6Ell5SKHaif06RANK80zY=
x-amz-request-id: N5JSXGJTVEFZM8E9
x-amz-server-side-encryption: AES256
x-amz-version-id: Z0H0F1CdjRUI_nRMydHHi17Rv0HOw5tB
content-length: 11155
cache-control: max-age=31536000
date: Wed, 21 Sep 2022 16:34:24 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (45500)
Size:   11155
Md5:    1ac00b5d5abfa64175a140de3f29a8e2
Sha1:   c07c5611cfff3ec4c7034134e4148f177242908c
Sha256: 65198366099c4eea2ed8a4dbe30fbb7896435a3505c5265260715d3385058378
                                        
                                            GET /t/1/tl/event?cts=1663778064562&dh=hastingsus.com&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=2136153122&cv=2.0.0&z=237259573&vg=8a8c08ac-8704-5eaf-bc3f-4a18d7327db6&vtg=8a8c08ac-8704-5eaf-bc3f-4a18d7327db6&dp=%2F&ap=IPv2&trfd=%7B%22websiteId%22%3A%223bee0d02-69f8-45ac-b2fe-14cbdccd2981%22%2C%22pd%22%3A%222021-02-23T06%3A02%3A28.077Z%22%2C%22ap%22%3A%22IPv2%22%2C%22ds%22%3A%224000%22%2C%22meta.numWidgets%22%3A5%2C%22meta.theme%22%3A%22layout15%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Atrue%2C%22vct%22%3A1818%7D&hit_id=0d295b4b-9992-5121-b90a-48e2d8c85cfc&ht=pageview HTTP/1.1 
Host: events.api.secureserver.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.241
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
access-control-allow-origin: https://hastingsus.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Wed, 21 Sep 2022 16:34:24 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /t/1/tl/event?cts=1663778064566&dh=hastingsus.com&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=2136153122&cv=2.0.0&z=166314031&vg=8a8c08ac-8704-5eaf-bc3f-4a18d7327db6&vtg=8a8c08ac-8704-5eaf-bc3f-4a18d7327db6&dp=%2F&ap=IPv2&trfd=%7B%22websiteId%22%3A%223bee0d02-69f8-45ac-b2fe-14cbdccd2981%22%2C%22pd%22%3A%222021-02-23T06%3A02%3A28.077Z%22%2C%22ap%22%3A%22IPv2%22%2C%22ds%22%3A%224000%22%2C%22meta.numWidgets%22%3A5%2C%22meta.theme%22%3A%22layout15%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Atrue%2C%22vct%22%3A1818%7D&hit_id=6fc311af-97f4-5c75-bd36-57cbefbd747a&ht=perf&tce=1663778063047&tcs=1663778062864&tdc=1663778064444&tdclee=1663778063969&tdcles=1663778063964&tdi=1663778063956&tdl=1663778063101&tdle=1663778062864&tdls=1663778062864&tfs=1663778062862&tns=1663778062301&trqs=1663778063047&tre=1663778063109&trps=1663778063089&tles=1663778064444&tlee=1663778064445&nt=navigate&nav_type=hard HTTP/1.1 
Host: events.api.secureserver.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.241
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
access-control-allow-origin: https://hastingsus.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Wed, 21 Sep 2022 16:34:24 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7186
Expires: Wed, 21 Sep 2022 18:34:11 GMT
Date: Wed, 21 Sep 2022 16:34:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7186
Expires: Wed, 21 Sep 2022 18:34:11 GMT
Date: Wed, 21 Sep 2022 16:34:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7186
Expires: Wed, 21 Sep 2022 18:34:11 GMT
Date: Wed, 21 Sep 2022 16:34:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7186
Expires: Wed, 21 Sep 2022 18:34:11 GMT
Date: Wed, 21 Sep 2022 16:34:25 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wK03Lqow6u4lrQ3QI21klXXHGZqbKYathhCO87k0rZWBbF8o5YYjXw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:05:16 GMT
age: 34149
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12654
Md5:    f7b780d39877eea116277625aaa01f1b
Sha1:   d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db
Sha256: ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9574
x-amzn-requestid: 3dfa0e8c-77e6-4fc5-9f64-00ac854abbfa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mEj2IAMFWdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-745819ba4b5c16ee6e649ad7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _3w3cbABzhrIn3y9Spo6-NCZDzf4gHAfU30Zpvk3WTp8_kgWT7NAMw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:04 GMT
age: 68001
etag: "3371965b4417ee0b74a3a5094adfc1632d4849b1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9574
Md5:    eff7103898a5102e685ce6741cdf19f8
Sha1:   3371965b4417ee0b74a3a5094adfc1632d4849b1
Sha256: c326683c06d56a02d8c1a36dd34c1eff1b9d242b8b5280a1824b0602ccd28020
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8861
x-amzn-requestid: 873e88ab-7afc-4b14-b428-d90ec2079741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO2wuE0AoAMF7Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3804-0d25ab397a16c78907914e23;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UStTyIXPucbY9WmDl3W5bTyeT-2SJ5CTUjv8TLeexqZtKd1p2sJrNA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 03:25:34 GMT
age: 47331
etag: "56f228d7358ba9deef000f53214dc7c1dc358109"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8861
Md5:    a504981ee10d8341b64f19001464ae8a
Sha1:   56f228d7358ba9deef000f53214dc7c1dc358109
Sha256: 0ea3b6ed12f3adf9d56e7d9b61f284d28107d99f28ee4e66b4c078a9a1a0cbee
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 67867
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9201
Md5:    a692964324dbb9c460a1b855808d02e6
Sha1:   1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
Sha256: 3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 12:08:27 GMT
age: 15958
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10244
Md5:    14e6ddceb639a5f4875aecb796f95c79
Sha1:   b1cd04a66852694284eeef16a1cde38896e33c03
Sha256: 4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:09:43 GMT
age: 66282
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11832
Md5:    2ed7323b395e757f7766ea0045efdaca
Sha1:   8b91bc3069a3217bc719c27959d578b353b5d9dc
Sha256: 8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
                                        
                                            GET /?msID=b22ab12a-a3f6-48fa-89b4-7dfb7835292b HTTP/1.1 
Host: hastingsus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <https://img1.wsimg.com/poly/v2/polyfill.min.js?unknown=polyfill&flags=gated&features=default%2Cfetch%2CArray.prototype.%40%40iterator%2CArray.prototype.find%2CArray.prototype.findIndex%2CFunction.name%2CNumber.isFinite%2CPromise%2CString.prototype.repeat%2CMath.sign%2CMath.trunc%2CArray.prototype.includes%2CObject.entries%2CObject.values%2CObject.is%2CIntersectionObserver%2CIntl.~locale.en-US>; rel=preload; as=script; crossorigin,<//img1.wsimg.com/blobby/go/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/gpub/fa9f889701851ff1/script.js>; rel=preload; as=script; crossorigin,<//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.6.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lora/v26/0QIhMX1D_JOuMw_LIftL.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 66cab666abdf5815cee99002e8d16aa8
date: Wed, 21 Sep 2022 16:34:23 GMT
X-Firefox-Spdy: h2


--- Additional Info ---