Overview

URLw1.msswol.com/prod/cdcf8e28-c59b-412c-84af-8ecb1d4d2eb1/2f756a3b-34ec-4164-9766-a100cb890813
IP 3.223.208.36 (United States)
ASN#14618 AMAZON-AES
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-18 05:32:31 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (18)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
w1.msswol.com (1) 0 No data No data 3.223.208.36 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-17 05:55:30 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-17 05:55:20 UTC 34.117.237.239
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.110
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
integrations.api.mailshake.com (1) 0 2018-03-30 15:53:44 UTC 2022-11-18 05:06:53 UTC 3.225.117.127 Domain (mailshake.com) ranked at: 215073
www.hastingsus.com (1) 0 No data No data 13.248.243.5 Unknown ranking
ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2020-05-02 20:58:10 UTC 192.124.249.22
img1.wsimg.com (37) 9893 2012-06-20 14:42:31 UTC 2020-04-15 04:54:15 UTC 23.36.79.16
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-17 23:38:14 UTC 142.250.74.174
r3.o.lencr.org (6) 344 No data No data 23.36.76.226
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.214.236.46
img6.wsimg.com (1) 15438 No data No data 23.36.79.16
events.api.secureserver.net (2) 125179 No data No data 23.72.139.72
ocsp.pki.goog (2) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
hastingsus.com (1) 0 2020-02-29 19:19:37 UTC 2022-11-15 01:01:29 UTC 13.248.243.5 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-18 2 w1.msswol.com/prod/cdcf8e28-c59b-412c-84af-8ecb1d4d2eb1/2f756a3b-34ec-4164- (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 3.223.208.36
Date UQ / IDS / BL URL IP
2022-11-18 17:04:59 +0000 0 - 0 - 1 tracking.revamedia.dk/ 3.223.208.36
2022-11-18 05:32:31 +0000 0 - 0 - 1 w1.msswol.com/prod/cdcf8e28-c59b-412c-84af-8e (...) 3.223.208.36
2022-11-16 13:55:54 +0000 0 - 0 - 1 w1.msscnw.com/prod/3977917c-1c6f-4aa9-9c02-5c (...) 3.223.208.36
2022-11-15 02:52:28 +0000 0 - 0 - 1 tracking.revvanaplan.com/prod/90a6d0d4-d411-4 (...) 3.223.208.36
2022-11-14 23:14:17 +0000 0 - 0 - 1 w1.mssdps.com/prod/unsubscribe-confirm/655b04 (...) 3.223.208.36


Last 5 reports on ASN: AMAZON-AES
Date UQ / IDS / BL URL IP
2023-02-06 12:09:27 +0000 0 - 2 - 0 proxy.quickmail.com/click/1/549984381/476d0f2 (...) 34.201.80.84
2023-02-06 12:04:45 +0000 0 - 0 - 2 ipn.subscribenow.tv/ 18.213.226.237
2023-02-06 11:37:36 +0000 0 - 0 - 10 bc6745.ezepo.net/unsubscribe/636/36/3/c50379d (...) 54.159.228.173
2023-02-06 10:29:46 +0000 0 - 6 - 30 my.signpost.com/external_link_click?url=mpalm (...) 3.222.58.76
2023-02-06 10:27:28 +0000 0 - 4 - 0 pifhelp.com/Bin/ConnectWiseControl.Client.exe (...) 52.3.89.182


Last 5 reports on domain: msswol.com
Date UQ / IDS / BL URL IP
2022-12-18 07:00:52 +0000 0 - 0 - 1 w1.msswol.com/prod/a83d1dfc-3996-4cf3-a845-ab (...) 44.198.6.24
2022-12-14 11:48:53 +0000 0 - 0 - 1 w1.msswol.com/prod/8f449278-a33f-47ba-894a-e4 (...) 35.169.203.233
2022-12-11 07:42:22 +0000 0 - 0 - 1 w1.msswol.com/prod/04afe878-c674-4a47-be76-34 (...) 35.169.203.233
2022-12-11 06:43:33 +0000 0 - 0 - 1 w1.msswol.com/prod/04afe878-c674-4a47-be76-34 (...) 35.169.203.233
2022-12-11 06:43:14 +0000 0 - 0 - 1 w1.msswol.com/prod/04afe878-c674-4a47-be76-34 (...) 35.169.203.233


Last 3 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-05 05:47:35 +0000 0 - 0 - 1 w1.msswol.com/prod/0d1310ca-008f-4b88-87c6-e9 (...) 35.169.203.233
2022-11-28 07:43:15 +0000 0 - 0 - 1 w1.msswol.com/prod/0566d334-b7b0-489d-b3a4-2f (...) 44.198.6.24
2022-09-21 16:34:34 +0000 0 - 0 - 1 w1.msswol.com/prod/38c23a91-dd81-4cd9-8eb3-bd (...) 34.204.222.45

JavaScript

Executed Scripts (60)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (68)


Request Response
                                        
                                            GET /prod/cdcf8e28-c59b-412c-84af-8ecb1d4d2eb1/2f756a3b-34ec-4164-9766-a100cb890813 HTTP/1.1 
Host: w1.msswol.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         3.223.208.36
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 18 Nov 2022 05:32:19 GMT
Content-Length: 332
Connection: keep-alive
X-Powered-By: Express
Location: https://integrations.api.mailshake.com/beacon/click?emailID=cdcf8e28-c59b-412c-84af-8ecb1d4d2eb1&linkID=2f756a3b-34ec-4164-9766-a100cb890813
Vary: Accept


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (332), with no line terminators
Size:   332
Md5:    54fa6c012b41eced1560a15512ab56f8
Sha1:   a71fc5d3ffd8efcb61a96912aa4c5feb71ee7420
Sha256: ef407d90c6235cc9d874d355bfcae10d6d9c97c879b3cf4c6119c10e81e76f4f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2648
Expires: Fri, 18 Nov 2022 06:16:27 GMT
Date: Fri, 18 Nov 2022 05:32:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6398
Cache-Control: max-age=110742
Date: Fri, 18 Nov 2022 05:32:19 GMT
Etag: "63760d7b-1d7"
Expires: Sat, 19 Nov 2022 12:18:01 GMT
Last-Modified: Thu, 17 Nov 2022 10:31:23 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2282
Expires: Fri, 18 Nov 2022 06:10:21 GMT
Date: Fri, 18 Nov 2022 05:32:19 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 04:44:46 GMT
cache-control: public,max-age=3600
age: 2853
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: xitXkir93/kzOelClol3yAinzE/DdHIqA3Vbiy5zCnmGT80aYSSASLUOgfzLnMuGsg+TPqo3958=
x-amz-request-id: 1V54YY10Z9VBFNDM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 05:15:28 GMT
age: 1012
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 18 Nov 2022 05:32:20 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87420
Date: Fri, 18 Nov 2022 05:32:20 GMT
Etag: "6375cb60-1d7"
Expires: Sat, 19 Nov 2022 05:49:20 GMT
Last-Modified: Thu, 17 Nov 2022 05:49:20 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zDVdUVlW2aS_RZVAtzxYlCjXuJX5L24Ki5xOseVMSSjUlh5TesqOHQ==

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 05:25:01 GMT
cache-control: public,max-age=3600
age: 439
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /beacon/click?emailID=cdcf8e28-c59b-412c-84af-8ecb1d4d2eb1&linkID=2f756a3b-34ec-4164-9766-a100cb890813 HTTP/1.1 
Host: integrations.api.mailshake.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         3.225.117.127
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Fri, 18 Nov 2022 05:32:20 GMT
content-length: 180
location: http://www.hastingsus.com/?msID=2f756a3b-34ec-4164-9766-a100cb890813
x-powered-by: Express
vary: Origin, Accept, Accept-Encoding
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   180
Md5:    6abc16cdd0341e23f8c0e908eb19f709
Sha1:   e0813a72b4c31375d08bb631e46638a9e805c587
Sha256: 9c1e62db7c95fb335336befaff8681b1b3a0b3e5adcd2f780d8ecafd62486815
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2377
Cache-Control: max-age=101652
Date: Fri, 18 Nov 2022 05:32:20 GMT
Etag: "6375f9af-1d7"
Expires: Sat, 19 Nov 2022 09:46:32 GMT
Last-Modified: Thu, 17 Nov 2022 09:06:55 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /?msID=2f756a3b-34ec-4164-9766-a100cb890813 HTTP/1.1 
Host: www.hastingsus.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         13.248.243.5
HTTP/1.1 301 Moved Permanently
                                        
location: https://hastingsus.com/?msID=2f756a3b-34ec-4164-9766-a100cb890813
vary: Accept-Encoding
server: DPS/2.0.0-beta+sha-9b5fef9
x-version: 9b5fef9
x-siteid: eu-central-1
set-cookie: dps_site_id=eu-central-1; path=/
etag: 66cab666abdf5815cee99002e8d16aa8
date: Fri, 18 Nov 2022 05:32:20 GMT
keep-alive: timeout=5
transfer-encoding: chunked

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Fri, 18 Nov 2022 05:32:20 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 18 Nov 2022 04:46:05 GMT
Expires: Sat, 19 Nov 2022 04:46:05 GMT
ETag: "6090fb927368c05229fefab02cb74e8cd124617f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    4e9fea7b53ce12364a17c9744d02bce5
Sha1:   6090fb927368c05229fefab02cb74e8cd124617f
Sha256: 42c195fd1436de239bb4f9e69c906819079bd91e8049e09ccf489c8d515b6cd0
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nDuhRGpR65vKMa4F0QsJVQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.214.236.46
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fEwSSceR2RZGXO7irGcedMYoEqI=

                                        
                                            GET /poly/v2/polyfill.min.js?unknown=polyfill&flags=gated&features=default%2Cfetch%2CArray.prototype.%40%40iterator%2CArray.prototype.find%2CArray.prototype.findIndex%2CFunction.name%2CNumber.isFinite%2CPromise%2CString.prototype.repeat%2CMath.sign%2CMath.trunc%2CArray.prototype.includes%2CObject.entries%2CObject.values%2CObject.is%2CIntersectionObserver%2CIntl.~locale.en-US HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
accept-ranges: bytes
last-modified: Wed, 16 Nov 2022 09:56:10 GMT
content-encoding: gzip
useragent_normaliser: firefox/105.0.0
access-control-allow-methods: GET,HEAD,OPTIONS
server-timing: cache-osl6523, PASS, fastly;desc="Edge time";dur=189
cache-control: public, max-age=172800, s-maxage=31536000
expires: Sun, 20 Nov 2022 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
content-length: 166
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   166
Md5:    f5e02d8f4506ab627fd029a9bc83e559
Sha1:   1bcabaa3024c42dab0dbe14902c1b0434655d40f
Sha256: 9f97db0347e1c702fa9af6cedf119d6228caff50ce433dc58bc0a0e53fb7afde
                                        
                                            GET /gfonts/s/lora/v26/0QIhMX1D_JOuMw_LIftL.woff2 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 39056
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:31 GMT
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 39056, version 1.0\012- data
Size:   39056
Md5:    ab20a3cbee44939ad33cb2d162484f23
Sha1:   f4df3e71cc8aebd85b6207d4ac35c76c602c2779
Sha256: 0a1dc89a4a29593bd35cc4811bfedd9765eeca4a9ef57323eec2cff14c9f9c5b
                                        
                                            GET /ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.6.5.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 102975
x-version: 0.7.1+sha-f8fdc16
etag: "b1e0b52ad3e5f0c3e0ebf2084a9b2c3b"
last-modified: Fri, 19 Feb 2021 19:23:08 GMT
x-amzn-trace-id: Root=1-6030101b-4fd845c9320533c35be8a189
x-forwarded-port: 443
x-forwarded-for: 64.202.160.109
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (62912)
Size:   102975
Md5:    00cb34f0ba41b74af9c753379e6e6df2
Sha1:   7b1ed90a93b1dfb2840a6b3a7c77314c173180cb
Sha256: 2d96e8d70ff8dd23a03b64466bc1fd4b31b38e25c51fbb517a7c0f41c3040a56
                                        
                                            GET /gfonts/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 35660
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:59 GMT
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 35660, version 1.0\012- data
Size:   35660
Md5:    0d0d3e5824e5e67a9e993960df2b67a9
Sha1:   328d67bb1d5899a7809df9f4385181863fd035f1
Sha256: 38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
                                        
                                            GET /gfonts/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 35764
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Size:   35764
Md5:    60f23230f1a8d5c3b7d25b73f5b5ce23
Sha1:   ed08ada85d017893b9bcb8224e99154c6708f5d2
Sha256: 22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
                                        
                                            GET /isteam/stock/pY3dyEV/:/rs=w:365,h:365,cg:true,m/cr=w:365,h:365/qt=q:1 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 3018
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1148342972
x-width: 365
x-height: 365
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
edge-cache-tag: /isteam/stock/pY3dyEV
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3018
Md5:    baf08eea93f7da59f33c6bb6181d9769
Sha1:   826964830c1de32141dc3fe79d5a301275ed9dd1
Sha256: f6d261001c2267c9f55bfcb2e28260779bd70656bb8d37e6a4c190f9aba79a1d
                                        
                                            GET /isteam/stock/ZV5rRqg/:/cr=t:0%25,l:17.91%25,w:43.17%25,h:100%25/rs=w:365,h:365,cg:true/qt=q:1 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 3368
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 3923771073
x-width: 365
x-height: 365
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
edge-cache-tag: /isteam/stock/ZV5rRqg
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3368
Md5:    1c281d553776ab0d87543e81f5cb9619
Sha1:   bd35bfa4e4b54d85789d29de1caf885d1991994a
Sha256: a617bd586905e531e3afe1fd27ad5886c96942b3a8c25276333dec31b2f19e8f
                                        
                                            GET /isteam/ip/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/LOGO_s-0001.png/:/rs=h:400/ll HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 6200
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1207142610
x-width: 292
x-height: 292
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
edge-cache-tag: /isteam/ip/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/LOGO_s-0001.png/:/rs=h:400/ll
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   6200
Md5:    19b3a5902286c03410f547279d5f1af5
Sha1:   6db557b3aeaff25a14d8655a4a41b380e6da9363
Sha256: 0586a9480d28d09a9dd770c4ff8f2869418a109252bd13fb0c0cadf085ae92c8
                                        
                                            GET /isteam/stock/6359/:/rs=w:365,h:365,cg:true,m/cr=w:365,h:365/qt=q:1 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 2272
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 2394146577
x-width: 365
x-height: 365
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
edge-cache-tag: /isteam/stock/6359
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2272
Md5:    627eede36f67a8cc9dab92434e3cc7b0
Sha1:   a179490a7ff97461e8bfe986200979a72601f9cc
Sha256: 610264de69b5ebc640ad5d6f8062bc86abbad325010d24a606ffa3f7e5014562
                                        
                                            GET /blobby/go/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/gpub/fa9f889701851ff1/script.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 9319
x-version: 0.7.1+sha-f8fdc16
etag: "d9d4cf88c5e6e48e470edfb53ca6097f"
last-modified: Tue, 23 Feb 2021 06:02:30 GMT
x-amzn-trace-id: Root=1-60349a75-54193e912a3aaeda3560eeee
x-forwarded-port: 443
x-forwarded-for: 64.202.160.109
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (46595), with no line terminators
Size:   9319
Md5:    df1b461b3d99b3cd65c48a5dcec0fccf
Sha1:   a7662f440c51f2c41920cdafe1d63bc094658515
Sha256: 334d0329d246a7b571363e8a21ab27fdc63e5358f3863d8b27c7eb7a609ad653
                                        
                                            GET /blobby/go/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/gpub/a07222fc02d26f24/script.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 3394
x-version: 0.7.1+sha-f8fdc16
etag: "241253e2e3c310f683b25123a12e19e2"
last-modified: Tue, 23 Feb 2021 06:02:30 GMT
x-amzn-trace-id: Root=1-60349a75-596f09f83f21d4523187b2f7
x-forwarded-port: 443
x-forwarded-for: 64.202.160.109
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14929), with no line terminators
Size:   3394
Md5:    9ce7b3f9f6bd51b04d385b222035a6fc
Sha1:   e340c0c83277722f65d90414a28a1927d8a50955
Sha256: 140c3b7097880736d44be0bdcd37e462e2d052c9461dd0e832013b5958cf0d80
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-_commonjsHelpers-6f995b5b.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 289
x-version: 0.7.1+sha-f8fdc16
etag: "42ebe837c6d9e64f008416b1534f548f"
last-modified: Tue, 22 Sep 2020 21:14:27 GMT
x-amzn-trace-id: Root=1-5f6a6932-a01e9709763b178436ffbcb8
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (392)
Size:   289
Md5:    19aa9b3e3f24dee248cf222b5ce6ebc8
Sha1:   6a15fbc19d8200b3d73304898100fbe0f499b3c4
Sha256: 9efae2a5f0ba073e574554fede2ee20914725071ced620d0ad7c495a1417cb60
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-af9120e0.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 352
x-version: 0.7.1+sha-f8fdc16
etag: "077ee05f6f4bbf2e0ff9ef5b657691c1"
last-modified: Thu, 10 Sep 2020 22:21:24 GMT
x-amzn-trace-id: Root=1-5f5aa6e0-49fa678ed5162be7cda3abb0
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (516)
Size:   352
Md5:    9650aa98af547750bbfdb38940374c62
Sha1:   2460e8c443f94a16214680b8680d84c3a33d008f
Sha256: 6c04a81bf4cbca57f16770243602e94a3b09121db5d30e28b3cb3d0cdc1436a2
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-defaultSocialIconPack-de218de9.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 5632
x-version: 0.7.1+sha-f8fdc16
etag: "41b60b2e85ee6335616d02772c4a0c2e"
last-modified: Thu, 10 Sep 2020 22:21:25 GMT
x-amzn-trace-id: Root=1-5f5aa6e4-52cbd058e4dfdea0a19a07de
x-forwarded-port: 443
x-forwarded-for: 64.202.160.106
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16435)
Size:   5632
Md5:    3fa2447da4ff283f8aaf408d52a066e3
Sha1:   e2b19fa7768c6164cd7221bd25e9e6aeac2603cf
Sha256: c82759e23976c29508c6dc118ef194dc97408d64aa74ba8a27710c6148876c89
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-headerTreatments-5b061043.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 1507
x-version: 0.7.1+sha-f8fdc16
etag: "ac2892b95e80c41d638d84ac2f258b3b"
last-modified: Fri, 19 Feb 2021 19:47:09 GMT
x-amzn-trace-id: Root=1-603015bc-2d488d4e4d503ce209465190
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3070)
Size:   1507
Md5:    af9c6a9e4c2855a37a557f6b57271b6f
Sha1:   3d5595938f0051964b9b1caec1c6f45d2728352d
Sha256: 57a45e29a4c729d7c31bd504fc8b0ffe55a774a83b048a27119f40cc1f095d64
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-9ad32511.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 696
x-version: 0.7.1+sha-f8fdc16
etag: "602d74492266962cd9653e221e298f54"
last-modified: Fri, 19 Feb 2021 19:47:08 GMT
x-amzn-trace-id: Root=1-603015bb-64186442316d54da4b9a0ea2
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1093)
Size:   696
Md5:    48dda716d2076b3bc642c36fb51156a6
Sha1:   1471d6a78a5d9ee4d87ef2f4ecc681a5cf104b91
Sha256: 5f4f10305fc50c3f49106d4138fbcf4202d940d4a9eeaf302db5e9d9eb3bf965
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-71da3a1d.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 303
x-version: 0.7.1+sha-f8fdc16
etag: "e092abc6a9efd01cfe90a0e5ff12ab80"
last-modified: Mon, 25 Jan 2021 19:00:18 GMT
x-amzn-trace-id: Root=1-600f1541-1243659c6658c55008346f94
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (358)
Size:   303
Md5:    bc711aa969d24953cf32081b90e7f334
Sha1:   e97e2976d5b94490d592bb572165c480422d8128
Sha256: 92ed6a7aacf4e562cc0a157a67d65c90d8b97701a9785315b879be0dd0fc6766
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-cc4720ff.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 728
x-version: 0.7.1+sha-f8fdc16
etag: "97341cc18727af1c3f72c7bc375f40e0"
last-modified: Tue, 12 Jan 2021 18:17:51 GMT
x-amzn-trace-id: Root=1-5ffde7ce-2b14641f5925392c24ec3c6a
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1288)
Size:   728
Md5:    59a250db6c5dd19fcd4c36b0e11c2f2e
Sha1:   0f45d00514cc35004199ba32cc1aa2959ee17147
Sha256: 19ef4fba75ae3a945d031e17e0c7f2c275f4c40c800ea52be068331f7b58cdb1
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-190a6a67.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 226
x-version: 0.7.1+sha-f8fdc16
etag: "65ad916650d2d7fef3d5101ae3f51c4c"
last-modified: Thu, 10 Sep 2020 22:21:26 GMT
x-amzn-trace-id: Root=1-5f5aa6e4-9ac614884d66a7b41e6bf0a9
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   226
Md5:    d20d707f192768c7ff06844b4492dc13
Sha1:   fc7d9d65cd45239ac944c273c22da4515e91430d
Sha256: eb6a69648064b15547d864b68f36bd5a77a355b8cae42d6f2421f1357f6c12dd
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-ec745dc3.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 53693
x-version: 0.7.1+sha-f8fdc16
etag: "1ebca823195e208b10235cd7f6e1fee4"
last-modified: Fri, 19 Feb 2021 19:47:10 GMT
x-amzn-trace-id: Root=1-603015bc-1de9105e6636664a1960002a
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   53693
Md5:    03134822b9ed59cbbe52f29b0a0b448e
Sha1:   2e348f88dc2ad1ee99538713d6dda5e8a86d6689
Sha256: 1be74cc7a3df8f5ae6df6b9cae42ec9fd1f178a0ddf638301ef638f38eb1905b
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-f1bd86ab.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 728
x-version: 0.7.1+sha-f8fdc16
etag: "3ccb03745ea03054aaa9d4128c23dd2d"
last-modified: Thu, 10 Sep 2020 22:21:26 GMT
x-amzn-trace-id: Root=1-5f5aa6e5-3433ddacb62b31b2febd219e
x-forwarded-port: 443
x-forwarded-for: 64.202.160.106
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3109)
Size:   728
Md5:    8ccffb059324d4970e791ffe25fd53d1
Sha1:   e814e2c6a4b403c91bdcdc61233c53ad51072098
Sha256: feb57c699013f54831c995fd3fd29e2ac47e1886943a03174d66622fba954bdc
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-modernThinRound-f0ab7555.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 5108
x-version: 0.7.1+sha-f8fdc16
etag: "46c51362b03cc83aea7ad934267b0f32"
last-modified: Thu, 10 Sep 2020 22:21:27 GMT
x-amzn-trace-id: Root=1-5f5aa6e6-5c0574e2dbad155774709cc8
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13412)
Size:   5108
Md5:    277aa081267dc4a312d89cccce8630da
Sha1:   76917cf9c19f1db822ec20b42644e9a0cc066059
Sha256: e1fa151c579f658bd863a0853f7b80423d59091fc69b1d4549da2d2dac8967e7
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-themeOverrides-4d5d2f9c.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 408
x-version: 0.7.1+sha-f8fdc16
etag: "06819f7c90dabb294f3c6815e4667500"
last-modified: Tue, 02 Feb 2021 19:01:12 GMT
x-amzn-trace-id: Root=1-6019a177-2b32e9810bfb5d1311f99854
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (808)
Size:   408
Md5:    71cf568f26747b3043bf8de54ff74311
Sha1:   e405fa2d2b9fda6cde58d11119160f7f879757d5
Sha256: fbd8436c652951d20bf2724fc724f28698011ed9e64fda732ea744eeda73f410
                                        
                                            GET /isteam/stock/67150/:/cr=t:2.83%25,l:2.83%25,w:94.34%25,h:94.34%25/rs=w:50,cg:true,mx/qt=q:1 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 448
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 1968262019
x-width: 50
x-height: 33
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
edge-cache-tag: /isteam/stock/67150
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   448
Md5:    4bfba19478f10c3e5b6814bdbbc15a58
Sha1:   e35fb7c78d94c4760e059064ff15d02b0cfcd0f2
Sha256: 0dc451994fac5e38a1ac04954b563b448dab47c14516f17d4956eea1f2165fb7
                                        
                                            GET /blobby/go/static/radpack/@widget/MESSAGING/bs-Component-184da2fa.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 2649
x-version: 0.7.1+sha-f8fdc16
etag: "b89b1395df761e458bc304304cea9529"
last-modified: Tue, 08 Dec 2020 23:33:37 GMT
x-amzn-trace-id: Root=1-5fd00d50-417ee9776a75c4331b69cb6b
x-forwarded-port: 443
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8492)
Size:   2649
Md5:    ca058ed01a67fd7edcd9f63fddbfbe8f
Sha1:   3c641d17f1ab9378c22e7cb8f2b9f0fd849d563f
Sha256: 476b5695377a064236bc5b9381d40052f2d4e4f8b358b2d81f66a387804be6d4
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-8b87f88f.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 322
x-version: 0.7.1+sha-f8fdc16
etag: "c950ceaa9b54c1435b6d60c569bb8948"
last-modified: Wed, 21 Oct 2020 02:55:23 GMT
x-amzn-trace-id: Root=1-5f8fa31a-5676216307edf3d814421b90
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   322
Md5:    f76cb2988fff768e6d2fa91ce44cec39
Sha1:   65e45c845d61c0943ef5f89b31145d5a05f3021f
Sha256: 8542aee6f718a5c8cadd79164984ed616b91d3660780e0d8c3fbd08ded113a11
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Recaptcha/badge-a479b038.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 367
x-version: 0.7.1+sha-f8fdc16
etag: "8857679c4bd7c2c9238416f452bed34f"
last-modified: Wed, 21 Oct 2020 02:55:22 GMT
x-amzn-trace-id: Root=1-5f8fa319-4467925d4bc512bd5d8610c2
x-forwarded-port: 443
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   367
Md5:    a5c6e41c09faadb3c1c61691d2095174
Sha1:   aad16c94df292aa072454c6fdc55e1774153229b
Sha256: cb15a1744276298a8303612901f1b85d9d773663c5c591cb128b98e2bb25166f
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/traffic2-f4096148.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 430
x-version: 0.7.1+sha-f8fdc16
etag: "56b37779e560b1f33dae335fcdf417e5"
last-modified: Tue, 01 Dec 2020 17:54:55 GMT
x-amzn-trace-id: Root=1-5fc6836e-274d6c4c70fec5b058af7bae
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (651)
Size:   430
Md5:    2bd483e0e1dbe2726d090c9581c8ca85
Sha1:   95fa1b87ddf4027b4223b06e86932d788aba2636
Sha256: 205d0e1c2faf95cb7b22234abcad7abae243b799ea1d790288ddfee6e46a6ad9
                                        
                                            GET /isteam/stock/67150/:/cr=t:2.83%25,l:2.83%25,w:94.34%25,h:94.34%25/rs=w:1535,m HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 133850
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 150096165
x-width: 1535
x-height: 1004
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
edge-cache-tag: /isteam/stock/67150
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   133850
Md5:    94ac12b9050fa3864b8dbde8abb7fd41
Sha1:   ca4b04079f08cfd6e9452143ea7879d3829cb134
Sha256: e06c196bbc609be6ad669ae137197633bf039e2aa4ee2c0f9eb17deb06f16d17
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-Toggle-45b716a6.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 976
x-version: 0.7.1+sha-f8fdc16
etag: "4c0e199bd5e8e865104a5fe84e74a8f6"
last-modified: Thu, 10 Sep 2020 22:21:25 GMT
x-amzn-trace-id: Root=1-5f5aa6e4-ce26564143a059cabe8b0d1a
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2332)
Size:   976
Md5:    8afa3be3951fe6cb012cca6574172d20
Sha1:   59c7358e9bf8a05150ca4cb4d4227df36c96a7a8
Sha256: 691e82cbd30ef149c273bd9deffba8b7d5dd5348459b10f3414856c35b851f00
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/bs-FlyoutMenu-Component-ed2c5b21.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 1248
x-version: 0.7.1+sha-f8fdc16
etag: "0851a3d17e1a5f8ec33a142592bc8378"
last-modified: Mon, 08 Feb 2021 18:05:00 GMT
x-amzn-trace-id: Root=1-60217d4b-3a2fcfe27a7f311138bcb50a
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3295)
Size:   1248
Md5:    e1bae38b3a32c72d2b1cb70a463cbe3c
Sha1:   be9add730d3ffba748b4bca7517e8038f996ab79
Sha256: 326864dd59c5e6d355fc4745759e24292d0ad94df9e01a847787409cffbd6cd9
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/bs-LinkAwareComponent-1f0307e6.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 872
x-version: 0.7.1+sha-f8fdc16
etag: "e8e60f499d5db055a54fb28e29a7c0c1"
last-modified: Mon, 08 Feb 2021 18:05:01 GMT
x-amzn-trace-id: Root=1-60217d4c-20b0c123220466df2535e0d5
x-forwarded-port: 443
x-forwarded-for: 64.202.160.109
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1781)
Size:   872
Md5:    83b8e2c0dcc9e6427c2689c09dbe0300
Sha1:   0aaf22f34789e39755ceb76ac53565c08619b808
Sha256: e8c02b11288590ed624815f964ddc063e69d7906ae6a995e7eea09bbbb5d15ed
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/bs-layout15-Theme-publish-Theme-c31d76cc.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 2103
x-version: 0.7.1+sha-f8fdc16
etag: "0f57b06c8e8a7133980383afd233f6fd"
last-modified: Fri, 19 Feb 2021 19:47:09 GMT
x-amzn-trace-id: Root=1-603015bc-4cee21863869863860c665e5
x-forwarded-port: 443
x-forwarded-for: 64.202.160.106
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:21 GMT
date: Fri, 18 Nov 2022 05:32:21 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6040)
Size:   2103
Md5:    d49f9d74bfb769a4ca74d113096bc342
Sha1:   160aa7fd63b33cc93b422f121e7dcc278540b436
Sha256: 8d8e21786629f74926ee5e4ff0ac6e218ea42842ce324d9126507e90af79e9b1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 05:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 18 Nov 2022 04:41:09 GMT
expires: Fri, 18 Nov 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 3072
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 05:32:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /isteam/ip/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/favicon/024a6530-7e86-4c3e-b7c4-831b26f984d5.png/:/rs=w:16,h:16,m HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 322
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 2897505393
x-width: 16
x-height: 16
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:22 GMT
date: Fri, 18 Nov 2022 05:32:22 GMT
edge-cache-tag: /isteam/ip/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/favicon/024a6530-7e86-4c3e-b7c4-831b26f984d5.png/:/rs=w:16,h:16,m
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   322
Md5:    1f5761baed5b140e73f67ec839274ad6
Sha1:   fd550a00cc7c2ee265b51f7fe018383e24944d50
Sha256: 46b37e6031cf6ae6630e3a8b1babe6289f127e5484cd253678fc86b88b204d55
                                        
                                            GET /isteam/ip/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/LOGO_s-0001.png/:/rs=w:180,h:180,m HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 4376
x-version: 0.4.4+sha-1355e94
x-track-origin-referer: https://hastingsus.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 3056287551
x-width: 180
x-height: 180
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Sat, 18 Nov 2023 05:32:22 GMT
date: Fri, 18 Nov 2022 05:32:22 GMT
edge-cache-tag: /isteam/ip/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/LOGO_s-0001.png/:/rs=w:180,h:180,m
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   4376
Md5:    aec315dee1ea97b7794d0b16a4191923
Sha1:   f9b97039186c536b824e733d445b6e68323d5a32
Sha256: 329c7fba7729c9ceba247e1a5515e721f2ab12e75e99c8bcd2d3c25db098f5de
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4237
Expires: Fri, 18 Nov 2022 06:42:59 GMT
Date: Fri, 18 Nov 2022 05:32:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4237
Expires: Fri, 18 Nov 2022 06:42:59 GMT
Date: Fri, 18 Nov 2022 05:32:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4237
Expires: Fri, 18 Nov 2022 06:42:59 GMT
Date: Fri, 18 Nov 2022 05:32:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4237
Expires: Fri, 18 Nov 2022 06:42:59 GMT
Date: Fri, 18 Nov 2022 05:32:22 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7631
x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-vQE0XoAMFS3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qpoQa1Lhe-h27dGooXDCtujesSTg7Tb0Ov-PNLnUP0288ZofwHxkhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:24:12 GMT
age: 25690
etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7631
Md5:    b2b393e36ee2c9649d90db136aa49542
Sha1:   e88c5832ff0c49bab181d948c3a510d88343bb6f
Sha256: 8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5zDWKjYmvVLCemXw5Swm2qkhw1mQtD5c07Fl7Krydo_XR5FFyHDu4Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 07:15:37 GMT
age: 80205
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11667
Md5:    032386e5c9dffff1ba1ee5e8a322d438
Sha1:   dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
Sha256: 0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3759
x-amzn-requestid: 8c91ac59-89dc-4218-b69f-0cebb29f301b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-wJHgxoAMF-hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab33-4dac305614a92bc52c038222;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mb2-PTjNmt06Wd5jOjQ5WoLY-0NgI80CKPXtwgzBt4n5km8Pu_WN0Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:08:54 GMT
age: 26608
etag: "399ac393209dcdac7d2188d7aa8d95f04570ef7c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3759
Md5:    5d0b6106f00f9fd8b89c2d484a559a1a
Sha1:   399ac393209dcdac7d2188d7aa8d95f04570ef7c
Sha256: 5d8151c9eb558f4a2b8bd2952c6845606ddb0c27e36f6e49aca7e60908cd9fe4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10281
x-amzn-requestid: 11dffc4e-71d7-4195-8890-62c8a2092728
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-77EWaIAMF3WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-3c0dc7e43023af827ac26958;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Xbau-BXu_W5Hu8QaCg3tvwfYMb_8L8F_muNp4gVukeNTmiDW4BAXhA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:24:03 GMT
age: 25699
etag: "90a146aef85765630a5e09e46a0a8682e204bec1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10281
Md5:    35da1192dcadc6e329a9e60c16904301
Sha1:   90a146aef85765630a5e09e46a0a8682e204bec1
Sha256: 816d1387a3a91a82f0bdaa2b703b45aa30be206d30d4dd1e8ac5deca13de57ad
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10349
x-amzn-requestid: fc85e078-a81a-4fed-899e-15249961f59c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7tHGLIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7d-4224d193517794684fcdc0ad;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UK-XD_8EcfPwfLb-QVwfLr8aG-sqVBoUJcbPb5hKAlQS68eOxdgM5g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:05:52 GMT
age: 26790
etag: "fa7c5c9a1d16355859196271f3d13f3850931888"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10349
Md5:    7d16e5ff718353c095d266b080fe547f
Sha1:   fa7c5c9a1d16355859196271f3d13f3850931888
Sha256: 9a94d8eb20cc56d0898b1e2b80c0006ebbef75c15ad94e907050c5be4e19a960
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38915691-004a-4ae6-a5c6-fd071040ffba.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6339
x-amzn-requestid: 0be5dee5-272d-4577-ba55-5cdb7935ea60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-MCExBoAMFz6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa4c-15fd613336aa6fcb165d0b26;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NYs-Nf0PzWqhXP5nkvanTjhJ6vfwRIU--YD06RFIGPEuwDCu6fvEPg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:01:30 GMT
age: 27052
etag: "4369c8ebe61b9944e639bb2731feb51c5a758fe7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6339
Md5:    4998f097d23ee5f19cae27d5b938e5fc
Sha1:   4369c8ebe61b9944e639bb2731feb51c5a758fe7
Sha256: 5691c66766c9578e9c4aa71240608653821162c668abc63ee40e553ede2450e0
                                        
                                            GET /tcc/tcc_l.combined.1.0.6.min.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 302 Found
                                        
content-length: 0
location: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
cache-control: max-age=1800
expires: Fri, 18 Nov 2022 06:02:22 GMT
date: Fri, 18 Nov 2022 05:32:22 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /traffic-assets/js/tccl.min.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hastingsus.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 302 Found
                                        
content-length: 0
location: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
cache-control: max-age=1800
expires: Fri, 18 Nov 2022 06:02:22 GMT
date: Fri, 18 Nov 2022 05:32:22 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js HTTP/1.1 
Host: img6.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hastingsus.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
accept-ranges: bytes
content-encoding: br
etag: "362d20193a8fed115f99b16a157b7fc4"
last-modified: Mon, 11 Apr 2022 14:15:53 GMT
vary: Accept-Encoding
x-amz-id-2: 73c+ZpWNgBh9xtilh6Nj22iH/BmUfkHwAgj9PgWHmvdTmSCUhi96da6Ell5SKHaif06RANK80zY=
x-amz-request-id: N5JSXGJTVEFZM8E9
x-amz-server-side-encryption: AES256
x-amz-version-id: Z0H0F1CdjRUI_nRMydHHi17Rv0HOw5tB
content-length: 11155
x-edgeconnect-midmile-rtt: 15, 15
x-edgeconnect-origin-mex-latency: 135, 135
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Fri, 18 Nov 2022 05:32:22 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (45500)
Size:   11155
Md5:    1ac00b5d5abfa64175a140de3f29a8e2
Sha1:   c07c5611cfff3ec4c7034134e4148f177242908c
Sha256: 65198366099c4eea2ed8a4dbe30fbb7896435a3505c5265260715d3385058378
                                        
                                            GET /t/1/tl/event?cts=1668749540877&dh=hastingsus.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1113755513&cv=2.0.0&z=1060589911&vg=648c73bb-72d3-5537-9d47-e808f88170dc&vtg=648c73bb-72d3-5537-9d47-e808f88170dc&dp=%2F&ap=IPv2&trfd=%7B%22websiteId%22%3A%223bee0d02-69f8-45ac-b2fe-14cbdccd2981%22%2C%22pd%22%3A%222021-02-23T06%3A02%3A28.077Z%22%2C%22ap%22%3A%22IPv2%22%2C%22ds%22%3A%22eu-central-1%22%2C%22meta.numWidgets%22%3A5%2C%22meta.theme%22%3A%22layout15%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Atrue%2C%22vct%22%3A2569%7D&hit_id=3b1262da-7c44-5383-81ae-9ae9833f64c8&ht=perf&tce=1668749539367&tcs=1668749539200&tdc=1668749540551&tdclee=1668749540314&tdcles=1668749540310&tdi=1668749540286&tdl=1668749539555&tdle=1668749539198&tdls=1668749539197&tfs=1668749539196&tns=1668749538000&trqs=1668749539367&tre=1668749539545&trps=1668749539523&tles=1668749540551&tlee=1668749540551&nt=navigate&nav_type=hard HTTP/1.1 
Host: events.api.secureserver.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.72.139.72
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
access-control-allow-origin: https://hastingsus.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Fri, 18 Nov 2022 05:32:22 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /t/1/tl/event?cts=1668749540874&dh=hastingsus.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1113755513&cv=2.0.0&z=129139676&vg=648c73bb-72d3-5537-9d47-e808f88170dc&vtg=648c73bb-72d3-5537-9d47-e808f88170dc&dp=%2F&ap=IPv2&trfd=%7B%22websiteId%22%3A%223bee0d02-69f8-45ac-b2fe-14cbdccd2981%22%2C%22pd%22%3A%222021-02-23T06%3A02%3A28.077Z%22%2C%22ap%22%3A%22IPv2%22%2C%22ds%22%3A%22eu-central-1%22%2C%22meta.numWidgets%22%3A5%2C%22meta.theme%22%3A%22layout15%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Atrue%2C%22vct%22%3A2569%7D&hit_id=d034af0c-2e5c-534f-91d4-2e897d5dc487&ht=pageview HTTP/1.1 
Host: events.api.secureserver.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hastingsus.com
Connection: keep-alive
Referer: https://hastingsus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.72.139.72
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
access-control-allow-origin: https://hastingsus.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Fri, 18 Nov 2022 05:32:22 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /?msID=2f756a3b-34ec-4164-9766-a100cb890813 HTTP/1.1 
Host: hastingsus.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         13.248.243.5
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <https://img1.wsimg.com/poly/v2/polyfill.min.js?unknown=polyfill&flags=gated&features=default%2Cfetch%2CArray.prototype.%40%40iterator%2CArray.prototype.find%2CArray.prototype.findIndex%2CFunction.name%2CNumber.isFinite%2CPromise%2CString.prototype.repeat%2CMath.sign%2CMath.trunc%2CArray.prototype.includes%2CObject.entries%2CObject.values%2CObject.is%2CIntersectionObserver%2CIntl.~locale.en-US>; rel=preload; as=script; crossorigin,<//img1.wsimg.com/blobby/go/3bee0d02-69f8-45ac-b2fe-14cbdccd2981/gpub/fa9f889701851ff1/script.js>; rel=preload; as=script; crossorigin,<//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.6.5.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lora/v26/0QIhMX1D_JOuMw_LIftL.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self' godaddy.com *.godaddy.com
vary: Accept-Encoding
server: DPS/2.0.0-beta+sha-9b5fef9
x-version: 9b5fef9
x-siteid: eu-central-1
set-cookie: dps_site_id=eu-central-1; path=/; secure
etag: 66cab666abdf5815cee99002e8d16aa8
content-encoding: br
date: Fri, 18 Nov 2022 05:32:21 GMT
X-Firefox-Spdy: h2


--- Additional Info ---