search.hfastmapfinder.com/
52.204.131.189301 Moved Permanently 134 B URL HTTP/1.1 search.hfastmapfinder.com/
IP 52.204.131.189:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: search.hfastmapfinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Tue, 27 Sep 2022 22:01:11 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://search.hfastmapfinder.com:443/
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 21:15:33 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OQR7bfzFF6mg1fDS0hkHZQrzLi_IGwtcz1yDg0b9pBEx4YqYeVNsnQ==
Age: 2738
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4697
Expires: Tue, 27 Sep 2022 23:19:28 GMT
Date: Tue, 27 Sep 2022 22:01:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KbI19yPH3a49Hlj2J4Nq6D_IUTu5QOaz-HbKdsJpupA2UNyLZklIrQ==
age: 45418
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 22:01:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 21:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 21:11:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3fZ8srxdZd0Hu60vS59x8iDhjeM-4oPKovPQtgqRwSl31M5BZeLhPg==
Age: 3026
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 90fa7230b039258ee5377d31b8826119
76e91f0d42d760ebba7d630ac0048e4e0c8b4959
b27bf30c1fa25d70ae30ff4e174c95d539b2d8eeaff3b9cfc31e83a6cb4b0dc7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 22:01:11 GMT
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1y1rSP2ULVwenSysti_m_ttywx12L6XeJZW-p_qpkC4lm_YUzYpeFw==
search.hfastmapfinder.com/
54.172.140.145200 OK 10 kB URL HTTP/2 search.hfastmapfinder.com/
IP 54.172.140.145:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (558), with CRLF line terminators
Hash b764461b80b132fa234437f41ac2c0b7
3de633d0293a6c4ceb55957dc48efabeb0bdd98b
67263db9af90a9c511f844245db83cb71e153059c6266c0c1b5b0c3e43b40d6a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: search.hfastmapfinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 27 Sep 2022 22:01:12 GMT
content-type: text/html; charset=utf-8
content-length: 10274
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
set-cookie: nts=t; domain=hfastmapfinder.com; path=/
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4098
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 22:01:12 GMT
Last-Modified: Tue, 27 Sep 2022 20:52:55 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 68bcdc41e3d0f9afa0d8b67156a966f3
4612836d7729384eef13993c10164038bf96074e
14430a995e92fd024ccc4381f67267b93a3d6405bdbc65c2f95d549e5405d953
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6245
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 22:01:12 GMT
Last-Modified: Tue, 27 Sep 2022 20:17:07 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 68bcdc41e3d0f9afa0d8b67156a966f3
4612836d7729384eef13993c10164038bf96074e
14430a995e92fd024ccc4381f67267b93a3d6405bdbc65c2f95d549e5405d953
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6245
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 22:01:12 GMT
Last-Modified: Tue, 27 Sep 2022 20:17:07 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
search.hfastmapfinder.com/styles/home/maps_v0?v=YZQFHnS-qaFX9CjCBom809W7BWqgY5tuqBjxVtqJyxA1
54.172.140.145200 OK 6.4 kB URL HTTP/2 search.hfastmapfinder.com/styles/home/maps_v0?v=YZQFHnS-qaFX9CjCBom809W7BWqgY5tuqBjxVtqJyxA1
IP 54.172.140.145:0
File type ASCII text, with very long lines (420), with CRLF line terminators
Hash 7f2257f8e25818cd2c9d37217f99ebe2
4727a51c485e62c057dbc3daffe1b754cf4b99d9
5c5028603bac98464dd659b83dd5801bb0db5ee0e6cbd86b80c5ce53714ecd6e
Analyzer Verdict Alert fortinet Malware
GET /styles/home/maps_v0?v=YZQFHnS-qaFX9CjCBom809W7BWqgY5tuqBjxVtqJyxA1 HTTP/1.1
Host: search.hfastmapfinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Cookie: nts=t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 22:01:12 GMT
content-type: text/css; charset=utf-8
content-length: 6354
cache-control: public
content-encoding: gzip
expires: Wed, 27 Sep 2023 22:00:43 GMT
last-modified: Tue, 27 Sep 2022 22:00:43 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
X-Firefox-Spdy: h2
search.hfastmapfinder.com/scripts/home/header_common?v=4Tw-CbIduhWbyrr3KLABUau5rK7lExIfoUHLAcIOTOQ1
54.172.140.145200 OK 4.0 kB URL HTTP/2 search.hfastmapfinder.com/scripts/home/header_common?v=4Tw-CbIduhWbyrr3KLABUau5rK7lExIfoUHLAcIOTOQ1
IP 54.172.140.145:0
File type ASCII text, with CRLF line terminators
Hash 12b35ba5e29df1e036a9c59d53be1b01
22f80ae9c5f9f315dd2999dcd926156d8650fbb3
4e7db115b89114979ce579cb542e7f1e3e2069ab89fc1b7013a72901f6aa9665
Analyzer Verdict Alert fortinet Malware
GET /scripts/home/header_common?v=4Tw-CbIduhWbyrr3KLABUau5rK7lExIfoUHLAcIOTOQ1 HTTP/1.1
Host: search.hfastmapfinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Cookie: nts=t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 22:01:12 GMT
content-type: text/javascript; charset=utf-8
content-length: 3993
cache-control: public
content-encoding: gzip
expires: Wed, 27 Sep 2023 22:00:43 GMT
last-modified: Tue, 27 Sep 2022 22:00:43 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
X-Firefox-Spdy: h2
search.hfastmapfinder.com/get/js/impression?uc=17700101&ap=&source=&uid=5cf8a24e-516a-41fd-9463-eb002d140126&i_id=&cid=
54.172.140.145200 OK 627 B URL HTTP/2 search.hfastmapfinder.com/get/js/impression?uc=17700101&ap=&source=&uid=5cf8a24e-516a-41fd-9463-eb002d140126&i_id=&cid=
IP 54.172.140.145:0
File type ASCII text, with CRLF line terminators
Hash 331d17156329ba9254f3f8dc17a5d2ed
d83d2a7df4c9d6aff6f036451b714341a112a29f
28b390be3dbbd20d231466a6ab90e5a828d71be2532dab4288fee4bef31b0ba0
GET /get/js/impression?uc=17700101&ap=&source=&uid=5cf8a24e-516a-41fd-9463-eb002d140126&i_id=&cid= HTTP/1.1
Host: search.hfastmapfinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Cookie: nts=t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 22:01:12 GMT
content-type: text/javascript; charset=utf-8
content-length: 627
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
X-Firefox-Spdy: h2
search.hfastmapfinder.com/Content/Home/Shared/Images/gear-icon.png
54.172.140.145200 OK 1.9 kB URL HTTP/2 search.hfastmapfinder.com/Content/Home/Shared/Images/gear-icon.png
IP 54.172.140.145:0
File type PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash c191c48cdc9a12101c96bac13a3a672e
b75a7ee6c62fc63201399401ebe1824b95f24ead
19fce2176cb990c4773742094923ccdd17d778fd050b675b0c8ff16b945e95ca
GET /Content/Home/Shared/Images/gear-icon.png HTTP/1.1
Host: search.hfastmapfinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Cookie: nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 22:01:12 GMT
content-type: image/png
content-length: 1866
cache-control: public, max-age=86400
last-modified: Wed, 10 Feb 2021 21:38:01 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
X-Firefox-Spdy: h2
search.hfastmapfinder.com/Content/Slick/images/icons-star.png
54.172.140.145200 OK 21 kB URL HTTP/2 search.hfastmapfinder.com/Content/Slick/images/icons-star.png
IP 54.172.140.145:0
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash ee286d05500f9eee903e3429f8434776
28333c8a482b7531f85b1ed3e63d75ac8126953b
9f71f0c0201f4781879baf4e695f4188725a8ce2953d18b8c1120865f5d32a28
GET /Content/Slick/images/icons-star.png HTTP/1.1
Host: search.hfastmapfinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Cookie: nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 22:01:12 GMT
content-type: image/png
content-length: 20951
cache-control: public, max-age=86400
last-modified: Wed, 10 Feb 2021 21:38:02 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
X-Firefox-Spdy: h2
search.hfastmapfinder.com/styles/home/setting?v=JPzpafmd3_j7snOkTWviRirXNGNZWvVufdfJfOsgJY81
54.172.140.145200 OK 895 B URL HTTP/2 search.hfastmapfinder.com/styles/home/setting?v=JPzpafmd3_j7snOkTWviRirXNGNZWvVufdfJfOsgJY81
IP 54.172.140.145:0
File type ASCII text, with very long lines (1841), with no line terminators
Hash 596014278e80a4ea4027595b4c494e24
25ec89f61a26deda8aef6a7bf66a6dcf2dbab1f9
bd1470fcb6be01bde481732bf15c8ad45a2f020b739f9cccdefc72443c57851a
Analyzer Verdict Alert fortinet Malware
GET /styles/home/setting?v=JPzpafmd3_j7snOkTWviRirXNGNZWvVufdfJfOsgJY81 HTTP/1.1
Host: search.hfastmapfinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Cookie: nts=t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 22:01:12 GMT
content-type: text/css; charset=utf-8
content-length: 895
cache-control: public
content-encoding: gzip
expires: Wed, 27 Sep 2023 22:00:43 GMT
last-modified: Tue, 27 Sep 2022 22:00:43 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
X-Firefox-Spdy: h2
search.hfastmapfinder.com/styles/home/monetizedquicklinks?v=UuHA0WP4LmLnZyiBb0afG44_7bcpxqWvRjML5M4nVAE1
54.172.140.145200 OK 2.3 kB URL HTTP/2 search.hfastmapfinder.com/styles/home/monetizedquicklinks?v=UuHA0WP4LmLnZyiBb0afG44_7bcpxqWvRjML5M4nVAE1
IP 54.172.140.145:0
File type ASCII text, with very long lines (12468), with no line terminators
Hash d4d1d3f720e7f9a832201bb966af96d1
77081561ff1a7bfc5c565af37ae0e4495d52352b
25eb6fdc9f1892e27f95f715e1d6cf52ea2bc0a00a9b821baffde7f271833448
Analyzer Verdict Alert fortinet Malware
GET /styles/home/monetizedquicklinks?v=UuHA0WP4LmLnZyiBb0afG44_7bcpxqWvRjML5M4nVAE1 HTTP/1.1
Host: search.hfastmapfinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Cookie: nts=t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 22:01:12 GMT
content-type: text/css; charset=utf-8
content-length: 2343
cache-control: public
content-encoding: gzip
expires: Wed, 27 Sep 2023 22:00:43 GMT
last-modified: Tue, 27 Sep 2022 22:00:43 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.77.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ciNaA9TkHbJhtdTjDb8RuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kDt/0yraBCU7axtFamxlNs33uaE=
search.hfastmapfinder.com/Content/Home/Maps/Sprites/Sprite_Maps_V0.png
54.172.140.145200 OK 49 kB URL HTTP/2 search.hfastmapfinder.com/Content/Home/Maps/Sprites/Sprite_Maps_V0.png
IP 54.172.140.145:0
File type PNG image data, 1000 x 172, 8-bit/color RGBA, non-interlaced\012- data
Hash be1f0e0af3633338781b7a0bc93ef7e9
79157aa938733030398b75978691fc555d8a0edf
80460b923d79b6fcb4b3b05aee5187c5c721720e2efee4a988c8dc0188400c1d
GET /Content/Home/Maps/Sprites/Sprite_Maps_V0.png HTTP/1.1
Host: search.hfastmapfinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/styles/home/maps_v0?v=YZQFHnS-qaFX9CjCBom809W7BWqgY5tuqBjxVtqJyxA1
Cookie: nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 22:01:12 GMT
content-type: image/png
content-length: 48741
cache-control: public, max-age=86400
last-modified: Wed, 10 Feb 2021 21:38:01 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
X-Firefox-Spdy: h2
search.hfastmapfinder.com/Content/Home/Email/Sprites/Sprite_Email_V6.png
54.172.140.145200 OK 52 kB URL HTTP/2 search.hfastmapfinder.com/Content/Home/Email/Sprites/Sprite_Email_V6.png
IP 54.172.140.145:0
File type PNG image data, 1000 x 172, 8-bit/color RGBA, non-interlaced\012- data
Hash e4869cb583a916cc0905b13ad3b923a5
712e63fcf018472a764828ca7322ea0768cc206c
0374ca934574eda23870eb4172b142a64e5789c3f0a6891e399462260c168c75
GET /Content/Home/Email/Sprites/Sprite_Email_V6.png HTTP/1.1
Host: search.hfastmapfinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/styles/home/maps_v0?v=YZQFHnS-qaFX9CjCBom809W7BWqgY5tuqBjxVtqJyxA1
Cookie: nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 22:01:12 GMT
content-type: image/png
content-length: 51702
cache-control: public, max-age=86400
last-modified: Wed, 10 Feb 2021 21:38:01 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
X-Firefox-Spdy: h2
search.hfastmapfinder.com/Content/Images/toolbar-yahoo-maps.png
54.172.140.145200 OK 2.4 kB URL HTTP/2 search.hfastmapfinder.com/Content/Images/toolbar-yahoo-maps.png
IP 54.172.140.145:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b02956010a8f8a456e280d135e3c72bb
1b15c339f80d62709480e4a460569eed67f6f9ca
1e738b9a1d5ccec05f72f3ada32029c46117bc58ba9909dbd5ba3fe1f2c9ba5c
GET /Content/Images/toolbar-yahoo-maps.png HTTP/1.1
Host: search.hfastmapfinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/styles/home/maps_v0?v=YZQFHnS-qaFX9CjCBom809W7BWqgY5tuqBjxVtqJyxA1
Cookie: nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 22:01:12 GMT
content-type: image/png
content-length: 2355
cache-control: public, max-age=86400
last-modified: Wed, 10 Feb 2021 21:38:01 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.226.52200 OK 19 kB URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.226.52:0
File type ASCII text, with very long lines (9097)
Hash 7ae9bc3a7df2c9954d6e3f73209de9e7
1fe49ffba7341355c9449da583262d77d9751a9a
f8680fda2784b92b080e82f5441cca728e81fa64d665e81ba396c2be8a6d1fcd
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 22:01:12 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2309
expires: Fri, 30 Sep 2022 22:01:12 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7517843c4c1f0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash e9bc1c1cf9b88c4eb6b13ca38fc0a55c
a8ff66303c38a14988e1c7a23c2510cc1a3dcaa6
4da7090bf7184e7e03c30fd889ff7bc5eb1401752a88d3de72c8e619b579aee5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 22:01:12 GMT
Last-Modified: Tue, 27 Sep 2022 20:52:48 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VnowTVKF90Q-s-2LhyrWrXqz78iRi9wqZobj50TSlEB8a2kTo9-dtA==
Age: 4104
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash e9bc1c1cf9b88c4eb6b13ca38fc0a55c
a8ff66303c38a14988e1c7a23c2510cc1a3dcaa6
4da7090bf7184e7e03c30fd889ff7bc5eb1401752a88d3de72c8e619b579aee5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 22:01:12 GMT
Last-Modified: Tue, 27 Sep 2022 20:53:43 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gL6lUgZCQxHLkxCLzXr-9bHjplVPkqe8-QBMd3daGrZ12mLaElZzTg==
Age: 4049
imp.onesearch.org/impression.do?event=ex_banner_show&user_id=5cf8a24e-516a-41fd-9463-eb002d140126&source=&traffic_source=&subid=17700101&implementation_id=maps_&page=adm&referrer=&offer_id=~
44.199.122.180503 Service Unavailable 162 B URL HTTP/2 imp.onesearch.org/impression.do?event=ex_banner_show&user_id=5cf8a24e-516a-41fd-9463-eb002d140126&source=&traffic_source=&subid=17700101&implementation_id=maps_&page=adm&referrer=&offer_id=~
IP 44.199.122.180:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 81df4d3863debf3eceb5cf84251fd472
4ba7843a4cc062123f5f4caacbb9a3fa7d381eac
258c66556e2e065b0d04f6ae39a98fcf182e3e584cd0b7bdb20d0a395796347b
GET /impression.do?event=ex_banner_show&user_id=5cf8a24e-516a-41fd-9463-eb002d140126&source=&traffic_source=&subid=17700101&implementation_id=maps_&page=adm&referrer=&offer_id=~ HTTP/1.1
Host: imp.onesearch.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
server: awselb/2.0
date: Tue, 27 Sep 2022 22:01:12 GMT
content-type: text/html
content-length: 162
X-Firefox-Spdy: h2
imp.onesearch.org/impression.do?event=ex_ql_impression&user_id=5cf8a24e-516a-41fd-9463-eb002d140126&source=&traffic_source=&subid=17700101&implementation_id=maps_&page=myquickmaps::googlemaps::bingmaps::myemailsimplified::nationalweatheragency&referrer=&offer_id=~
44.199.122.180503 Service Unavailable 162 B URL HTTP/2 imp.onesearch.org/impression.do?event=ex_ql_impression&user_id=5cf8a24e-516a-41fd-9463-eb002d140126&source=&traffic_source=&subid=17700101&implementation_id=maps_&page=myquickmaps::googlemaps::bingmaps::myemailsimplified::nationalweatheragency&referrer=&offer_id=~
IP 44.199.122.180:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 81df4d3863debf3eceb5cf84251fd472
4ba7843a4cc062123f5f4caacbb9a3fa7d381eac
258c66556e2e065b0d04f6ae39a98fcf182e3e584cd0b7bdb20d0a395796347b
GET /impression.do?event=ex_ql_impression&user_id=5cf8a24e-516a-41fd-9463-eb002d140126&source=&traffic_source=&subid=17700101&implementation_id=maps_&page=myquickmaps::googlemaps::bingmaps::myemailsimplified::nationalweatheragency&referrer=&offer_id=~ HTTP/1.1
Host: imp.onesearch.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
server: awselb/2.0
date: Tue, 27 Sep 2022 22:01:12 GMT
content-type: text/html
content-length: 162
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8815
Expires: Wed, 28 Sep 2022 00:28:08 GMT
Date: Tue, 27 Sep 2022 22:01:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8815
Expires: Wed, 28 Sep 2022 00:28:08 GMT
Date: Tue, 27 Sep 2022 22:01:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 913
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 5cbbafdb-3f69-4ee2-9e46-c1ff0ed4ef14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPFiooAMFulA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-633a649700e040b91deadb64;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cNryG5vkxZuFATZfcNW9Z1-0teUBWLRyWslX1onwYlDCQBUjU2xVdA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 910
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cfd0596-5b8b-4a41-a6fb-93e46d7eebaf.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cfd0596-5b8b-4a41-a6fb-93e46d7eebaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d569b3ae8d704ad9100ba4f11a632cb8
d311aa07fe9e05f84f6bcc4320c7bea6b95dd202
3425f374243fabdd434e2b555ec1561dd91c2bedbc187cf5c49ce38b4b7642da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cfd0596-5b8b-4a41-a6fb-93e46d7eebaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10593
x-amzn-requestid: 165366e6-f7b6-4087-9370-1b4e413da9fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VRFKzoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c21-6bf91447296a7b09770dc2fd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:21 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nih2VrFo_PgmAUnv6VpsLiSAhaHqQKNIt4jY_NGKOToa7MRMMH7Ubw==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "d311aa07fe9e05f84f6bcc4320c7bea6b95dd202"
content-type: image/jpeg
age: 735
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccfb4931d41ca01aa55b4b8e9ef6b4e1
2351d2547f4bd0aac45bb21a5aa8277e80ef15f2
89de9954ee2874b476c907810189812efe13234a46910180f34f68082429260f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7020
x-amzn-requestid: 1258ee7b-987a-4454-8963-e76b7c1470f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4EVxIAMFrmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7a1fbaa251600686757f9583;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ISJfVYtY7kLIm87GZEvqMmEr3D4vYcZDi-WJAu4GyaxLQKRUDbVjg==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 910
etag: "2351d2547f4bd0aac45bb21a5aa8277e80ef15f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 735
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F838bed0c-c665-42d6-8c20-1decd709953c.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F838bed0c-c665-42d6-8c20-1decd709953c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c58fdf09a7d552be0c8666522a29de7
60c873f097c85376797fed366804119f7e9c445e
24569f084d3fd428526503bde8b3da64152911934cd5e0e9140c06d954e4bcd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F838bed0c-c665-42d6-8c20-1decd709953c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9314
x-amzn-requestid: ed84d0e5-30c5-4841-ba9d-3626234b2056
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VbFqBoAMFy-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c22-5d0ccbc31fb085be45ef947b;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: yBDUlVwqRnXuJKsaz3vbFNhtNvihQMuk5wX5y4UmEKm1D21wSVdJHQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "60c873f097c85376797fed366804119f7e9c445e"
content-type: image/jpeg
age: 735
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dap2y8k6nefku.cloudfront.net/quicklinkicons/map_icon.png
143.204.42.86200 OK 5.4 kB URL HTTP/2 dap2y8k6nefku.cloudfront.net/quicklinkicons/map_icon.png
IP 143.204.42.86:0
File type PNG image data, 515 x 515, 8-bit/color RGBA, non-interlaced\012- data
Hash f4ba36696f18f389f2a89a6ebafee4d6
33deab6e49d0456db58d254d21075666daba9505
eb798ba2de41cf3671f00d3491073895458e0e8a6f096e654e4ad2b342277087
GET /quicklinkicons/map_icon.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 5449
date: Tue, 27 Sep 2022 05:03:17 GMT
last-modified: Thu, 16 Jan 2020 20:40:58 GMT
etag: "f4ba36696f18f389f2a89a6ebafee4d6"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uoWXfDjm6ENUBN3fZJoEW727OVvZ1GDgcUfuQ9mj4xAOfxS5MoC8TQ==
age: 61078
X-Firefox-Spdy: h2
dap2y8k6nefku.cloudfront.net/quicklinkicons/googlemaps.png
143.204.42.86200 OK 614 B URL HTTP/2 dap2y8k6nefku.cloudfront.net/quicklinkicons/googlemaps.png
IP 143.204.42.86:0
File type PNG image data, 64 x 64, 4-bit colormap, non-interlaced\012- data
Hash 9f317837784d1f50d9674e31752271e4
ee01e002ebcdb90d3ddff4409bd3f6a63689604b
887e8e49137d40e9de2107a862aeb0a3e4931fafd75fda2432fd2d1161113106
GET /quicklinkicons/googlemaps.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 614
date: Tue, 27 Sep 2022 05:03:17 GMT
last-modified: Tue, 11 Aug 2020 19:14:24 GMT
etag: "9f317837784d1f50d9674e31752271e4"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KO56cPcnRVXoua75oJXCgLQMAk2H6nocJ95igqrGxr0fMZmJrJSy7g==
age: 61078
X-Firefox-Spdy: h2
dap2y8k6nefku.cloudfront.net/quicklinkicons/bingmaps.png
143.204.42.86200 OK 1.6 kB URL HTTP/2 dap2y8k6nefku.cloudfront.net/quicklinkicons/bingmaps.png
IP 143.204.42.86:0
File type PNG image data, 24 x 24, 8-bit/color RGB, non-interlaced\012- data
Hash 84d7576431051de70ff86923e8dea7dd
5f08d7296cb3ec15b54d1c828aba57ea3b80b1f7
c721a22a877be67ea0e21f34677a5873855ecd4ed7df4a63c82968a376981c6f
GET /quicklinkicons/bingmaps.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1607
date: Tue, 27 Sep 2022 05:46:56 GMT
last-modified: Thu, 04 Jun 2020 16:25:29 GMT
etag: "84d7576431051de70ff86923e8dea7dd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PFy9WsswmyghdAuEjhN-V0RgpZJH_rAqKZjexvpm2S96FefO2X-hOw==
age: 58459
X-Firefox-Spdy: h2
dap2y8k6nefku.cloudfront.net/quicklinkicons/myemailsimplified.png
143.204.42.86200 OK 9.5 kB URL HTTP/2 dap2y8k6nefku.cloudfront.net/quicklinkicons/myemailsimplified.png
IP 143.204.42.86:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 063b92388bbb111681700e7062987557
47103c8f873ca823c5a3b9fcbdd915b68d4f5f57
b4a6b476a91fb8abd5f39ffdd574172963fada2f561b94f5fbb85379f60874c4
GET /quicklinkicons/myemailsimplified.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 9460
date: Tue, 27 Sep 2022 04:43:20 GMT
last-modified: Wed, 05 Jun 2019 15:29:36 GMT
etag: "063b92388bbb111681700e7062987557"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9wbE4ejce910DbXde4PS-H8Y0EAuuu_boGHxfPGDEPPvT60P0mYDmg==
age: 62275
X-Firefox-Spdy: h2
dap2y8k6nefku.cloudfront.net/quicklinkicons/nationalweatheragency.png
143.204.42.86200 OK 15 kB URL HTTP/2 dap2y8k6nefku.cloudfront.net/quicklinkicons/nationalweatheragency.png
IP 143.204.42.86:0
File type PNG image data, 48 x 48, 8-bit/color RGB, non-interlaced\012- data
Hash 8f8b4cbfe11392e4f33d47ab000e6a17
3c36a8ac3a0cc4e7f95e2ce75150a456031f3717
37fc00df7da62179f86c3010973bc56ed486593117deb5c0e9ed6ec6fb57ad06
GET /quicklinkicons/nationalweatheragency.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 15419
last-modified: Wed, 05 Jun 2019 15:31:44 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 06:20:32 GMT
etag: "8f8b4cbfe11392e4f33d47ab000e6a17"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lpl4UbulQN_KjY4wuJ0ZKEd3K10Ujv9vl0vX-fkK_mzZLHbPvhayhQ==
age: 56442
X-Firefox-Spdy: h2
dap2y8k6nefku.cloudfront.net/quicklinkicons/myquickmaps.png
143.204.42.86200 OK 5.4 kB URL HTTP/2 dap2y8k6nefku.cloudfront.net/quicklinkicons/myquickmaps.png
IP 143.204.42.86:0
File type PNG image data, 515 x 515, 8-bit/color RGBA, non-interlaced\012- data
Hash f4ba36696f18f389f2a89a6ebafee4d6
33deab6e49d0456db58d254d21075666daba9505
eb798ba2de41cf3671f00d3491073895458e0e8a6f096e654e4ad2b342277087
GET /quicklinkicons/myquickmaps.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 5449
date: Tue, 27 Sep 2022 04:53:06 GMT
last-modified: Tue, 11 Aug 2020 17:57:37 GMT
etag: "f4ba36696f18f389f2a89a6ebafee4d6"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Fyt-IujRbTZpxoo722C6-6sXVpBDbGD2gGUFVrDxM2md1mBEpk8RuQ==
age: 61689
X-Firefox-Spdy: h2
dap2y8k6nefku.cloudfront.net/quicklinkicons/news-6.png
143.204.42.86200 OK 1.0 kB URL HTTP/2 dap2y8k6nefku.cloudfront.net/quicklinkicons/news-6.png
IP 143.204.42.86:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash f9bb30c6efd7682d41b6136059f10b03
8b730054ef6cd347e75c1a35328ad9135bc6c9fe
57a416d3df5bd1b0448c61aaf5db48d52239fb32d2ade2ec9925e493c79869ec
GET /quicklinkicons/news-6.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1030
date: Tue, 27 Sep 2022 01:46:27 GMT
last-modified: Mon, 27 Apr 2020 20:33:44 GMT
etag: "f9bb30c6efd7682d41b6136059f10b03"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7JeY1F3BG_bivVMSGjHHFqwck30LSJDPfgHfy6y3hv2E0p-2-1WLBw==
age: 72887
X-Firefox-Spdy: h2
d3ff8olul1r3ot.cloudfront.net/aff/maps.png
54.230.245.141200 OK 8.1 kB URL HTTP/2 d3ff8olul1r3ot.cloudfront.net/aff/maps.png
IP 54.230.245.141:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 0be18fae7ee83358e21e9dbe813775bb
be6ab5a5c9dbef62af71aa068f5cf5e5483cd69a
2b69f3787a34a3a07587564d17cd62df7c2881f600b21a8efcabb8cb4d8640b3
GET /aff/maps.png HTTP/1.1
Host: d3ff8olul1r3ot.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 8087
last-modified: Fri, 20 Sep 2019 16:27:06 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 07:13:01 GMT
etag: "0be18fae7ee83358e21e9dbe813775bb"
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sMPWxZEYFCxtfofrdav4TqXorftAfpZ1eJ4XgNlNRcYxrOjRsr9_qg==
age: 53294
X-Firefox-Spdy: h2
search.hfastmapfinder.com/favicon.ico
54.172.140.145200 OK 112 kB URL HTTP/2 search.hfastmapfinder.com/favicon.ico
IP 54.172.140.145:0
File type MS Windows icon resource - 6 icons, 16x16, 32 bits/pixel, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel\012- data
Size 112 kB (112173 bytes)
Hash 504432c83a7a355782213f5aa620b13f
faba34469d9f116310c066caf098ecf9441147f1
df4276e18285a076a1a8060047fbb08e1066db2b9180863ec14a055a0c8e33f1
GET /favicon.ico HTTP/1.1
Host: search.hfastmapfinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://search.hfastmapfinder.com/
Cookie: nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 22:01:14 GMT
content-type: image/x-icon
content-length: 112173
last-modified: Wed, 10 Feb 2021 21:38:05 GMT
accept-ranges: bytes
etag: "e7d7ea3f5ffd61:0"
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
X-Firefox-Spdy: h2