Report - xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a

Report Overview

Submitted URL
xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
IP
172.67.203.142
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-27 18:03:27
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.213.75
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	14 kB	151.101.65.229
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.21.226
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	49 kB	34.120.237.76
xfjportal.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.7 kB	163 kB	104.21.74.143
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	714 B	1.4 kB	142.250.74.131
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.33.119.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-27	medium	xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar	Malware
2022-12-27	medium	xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar	503 B	2023-03-08	2023-05-24
Pretty URL xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar IP 104.21.74.143 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:49:35 Last Seen2023-05-24 05:43:27 Times Seen3 Hash 831a5ab58b3839fbf1f3973221ddb6bc 3de68562e927c70c019bc87f3f832fbe8a9bc7fc 49688756cf73d745371cc654c9689be968f2e3ef223ce3e58c47533715aa45df Loading...

	xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar	218 B	2023-03-12	2023-03-12
Pretty URL xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar IP 104.21.74.143 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:21:23 Last Seen2023-03-12 09:21:23 Times Seen1 Hash 49a2715f381b0ff9b9b5425004e53f63 10ccb3501dae318ac617d81e9116d8cfeb8037be c2c58436f35b04bc7dd7619e60da110e89261a899fd20f186493785a45de282b Loading...

	xfjportal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	10 kB	2023-03-07	2024-04-19
Pretty URL xfjportal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 IP 172.67.203.142 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-19 17:56:33 Times Seen37101 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	xfjportal.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2	5.8 kB	2023-03-07	2024-04-18
Pretty URL xfjportal.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2 IP 172.67.203.142 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2024-04-18 13:42:00 Times Seen1061 Hash 16fb1664ddebf663a909c51d40ad7914 2308baa783d4f9ba97f18ace350b7033dcc3c2d3 d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89 Loading...

	xfjportal.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.14	14 kB	2023-03-07	2024-04-16
Pretty URL xfjportal.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.14 IP 172.67.203.142 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2024-04-16 23:57:42 Times Seen2294 Hash d6aeffd9e0126160ff89d369c05a5fbe 8480b15ad38e8e1d67960e72b513fa4f463e2cc1 95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0 Loading...

	xfjportal.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp	97 kB	2023-03-07	2024-04-19
Pretty URL xfjportal.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp IP 172.67.203.142 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:38 Last Seen2024-04-19 11:25:12 Times Seen17720 Hash 49edccea2e7ba985cadc9ba0531cbed1 f8747f8ee704d9af31d0950015e01d3f9635b070 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Loading...

	xfjportal.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-19
Pretty URL xfjportal.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.203.142 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 18:14:46 Times Seen54562 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar	102 B	2023-03-07	2024-04-19
Pretty URL xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar IP 104.21.74.143 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-19 11:02:50 Times Seen6714 Hash 336b4b067dcb50351d5e2d7c92cf1631 9709109f27eaad0c5a1e50facc142f8f197a11b6 ef2f7f28db32250196ae2c8242611a7f7159c2a539dabd40b82071b1c07561c6 Loading...

	xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar	2.2 kB	2023-03-12	2023-03-12
Pretty URL xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar IP 104.21.74.143 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:21:23 Last Seen2023-03-12 09:21:23 Times Seen1 Hash 0967085da1d93e6e725b3478df25f2ae 293ff65dfecbffb56d642b8696f1348b79f1b5a5 6f67c00c9a2d3e493d8070424ea8dd4d744d92cb19d49b689de962140003aee4 Loading...

	xfjportal.com/wp-content/themes/twentyseventeen/assets/js/navigation.js?ver=20161203	3.8 kB	2023-03-07	2024-04-16
Pretty URL xfjportal.com/wp-content/themes/twentyseventeen/assets/js/navigation.js?ver=20161203 IP 172.67.203.142 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:28 Last Seen2024-04-16 07:13:32 Times Seen444 Hash a1b6700f33c6b26416732e62b04e173d 6b7ad6755ad1ebbaffdc03d742d260a1e5758669 b5dc8a0ea6886f4daba8c6e6b722071a21796725c2c59ea0ce264d0d7019de52 Loading...

	xfjportal.com/wp-includes/js/wp-embed.min.js?ver=5.3.14	1.4 kB	2023-03-07	2024-04-17
Pretty URL xfjportal.com/wp-includes/js/wp-embed.min.js?ver=5.3.14 IP 172.67.203.142 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-17 18:30:12 Times Seen2983 Hash 570ae0f3c201604926ea599d3d1f6c04 2c29243a73660964d4712b969d2a15e27777bc14 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b Loading...

	xfjportal.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=20190121	7.8 kB	2023-03-07	2024-02-12
Pretty URL xfjportal.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=20190121 IP 172.67.203.142 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:28 Last Seen2024-02-12 17:32:03 Times Seen224 Hash ebbcd62ce678e0337cafc1e2d66c0cda ca1ecb4faebca10faab8c747d48ef3c1926fb1e8 c6d9599b5f75bd2619299f87d5b979f14955c35d2dd34050ff13ab0609297d7c Loading...

	xfjportal.com/wp-content/plugins/wp-captcha//assets/js/c4wp-public.js?ver=5.3.14	606 B	2023-03-07	2024-03-19
Pretty URL xfjportal.com/wp-content/plugins/wp-captcha//assets/js/c4wp-public.js?ver=5.3.14 IP 172.67.203.142 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:57 Last Seen2024-03-19 16:44:41 Times Seen134 Hash 0469280df1b5db2c0d798262ffd4bac2 7373b100d21b43c3aa85ad87e1391c388f10fe26 17fcd166df6ce7d93463627e2c7308d5f933098e71b6542433f50fa06326e5de Loading...

	xfjportal.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=20161114	683 B	2023-03-07	2024-04-18
Pretty URL xfjportal.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=20161114 IP 172.67.203.142 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2024-04-18 15:44:34 Times Seen3276 Hash 75abd4cd8807b312f9f7faeb77ee774b e7b7a7ed06d0123ab8667a1d1eeb23de9f2bece7 ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034 Loading...

HTTP Transactions (38)

URL IP Response Size

xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar

104.21.74.143

301 Moved Permanently

0 B

URL HTTP/1.1
xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
IP
104.21.74.143:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Dec 2022 18:03:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Dec 2022 19:03:16 GMT
Location: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uub8Si187RQRQPfK4xiHhw4I6fgBIJQH3FSADj2xvpWQwsEuq4hX2rQo5%2BJRP%2BdWYN35ks4hHxX2LCzu5971NbxrkP1zHRJQSiTGLDhHJW7RcCVxsUDPcpahDcw60ehl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7803f8d7180cb506-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
67f508aae634a023b587a7129a5b8039
2ff7e1d29b497147941d0abf581411cbd2722d7b
eee5fda5214bd4f75b0934bb1f14429fe01251628026fd0f18f117b38848601c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE5FDA5214BD4F75B0934BB1F14429FE01251628026FD0F18F117B38848601C"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10116
Expires: Tue, 27 Dec 2022 20:51:53 GMT
Date: Tue, 27 Dec 2022 18:03:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb20c18681040b740ab1730562beb45c
abedefb801b0e13987d6619a77e0368771f9dfcb
288c1832db391da57e3d74ffa893ec2c47ef9c1945f85b88473c563b55a3dfb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "288C1832DB391DA57E3D74FFA893EC2C47EF9C1945F85B88473C563B55A3DFB3"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5828
Expires: Tue, 27 Dec 2022 19:40:25 GMT
Date: Tue, 27 Dec 2022 18:03:17 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 27 Dec 2022 17:46:40 GMT
content-type: application/json
age: 997
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b2d59bdbb1ca6324590988ec031cf1fc
bfd4e25af37dcde4bac38d9b178c5ac8e50f8834
cef2180120ef42ff09d54577229c058d41d2c569d485f5a6dcfadc74bf8aa647

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF2180120EF42FF09D54577229C058D41D2C569D485F5A6DCFADC74BF8AA647"
Last-Modified: Mon, 26 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4045
Expires: Tue, 27 Dec 2022 19:10:42 GMT
Date: Tue, 27 Dec 2022 18:03:17 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: WukkZ8QybPujhy3VESFcig0gvkcac8Iv6DGefWx355+Zj1KspdkHKRmv+mTyQgY8TgOopflTS3M=
x-amz-request-id: QG1ZEST48Q161Y3T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Dec 2022 17:55:49 GMT
age: 448
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 27 Dec 2022 18:03:17 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/Z74zkiH92ho

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Z74zkiH92ho
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ab00b2aced0b68e239f41bd1dd3a24d3
19ebf3a5a804ef25bec7fd76d6bd8b7512abe67a
d397045e1140b491434d956263e7aaa980b774d284ff9739135b2c3bfb74cd31

HTTP Headers

POST /s/gts1p5/Z74zkiH92ho HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 18:03:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 27 Dec 2022 17:33:30 GMT
age: 1787
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
60b8396db0bbfa5f2ae7e34c9d04ebcc
50b6c68aa2b2a459315a9989f5d3e326e8ad5539
c10a1e0f984b121958a5cfa3b45b746db85d33c9073fcacb019d9bb27ef3b073

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5998
Cache-Control: max-age=146615
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 18:03:17 GMT
Etag: "63aab5ae-1d7"
Expires: Thu, 29 Dec 2022 10:46:52 GMT
Last-Modified: Tue, 27 Dec 2022 09:06:54 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.148.213.75

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.213.75:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ReiKrmCJD/yK5frWadOQIw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +1r7vHCQg/+R1QNwKJjbbAIzYFA=

ocsp.pki.goog/s/gts1p5/Z74zkiH92ho

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Z74zkiH92ho
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ab00b2aced0b68e239f41bd1dd3a24d3
19ebf3a5a804ef25bec7fd76d6bd8b7512abe67a
d397045e1140b491434d956263e7aaa980b774d284ff9739135b2c3bfb74cd31

HTTP Headers

POST /s/gts1p5/Z74zkiH92ho HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 18:03:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/wp/wp-slimstat/tags/4.8.8.1/wp-slimstat.min.js

151.101.65.229

200 OK

13 kB

URL HTTP/2
cdn.jsdelivr.net/wp/wp-slimstat/tags/4.8.8.1/wp-slimstat.min.js
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (38178), with no line terminators
Size
13 kB (12971 bytes)
Hash
a29a48543e4f4a46a12873f7916af2de
5c61a029940d4b8c6526e9b55152bb41e1edbf2f
92482133b58fa4be58bc9d6709051cbe154e45393248be61b76e4a24c2500991

HTTP Headers

GET /wp/wp-slimstat/tags/4.8.8.1/wp-slimstat.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"9528-ibunHRgV3PlNaAz6vnmPhMZzQGk"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Dec 2022 18:03:18 GMT
age: 4889677
x-served-by: cache-fra-eddf8230064-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12971
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
601b11d5a6aa362dd5c6505a14aa27bb
4590f6e3513e87bc40fa23a48f78c60432263635
cbde53d62bdac60113d4694cdf5851e52521a2c7d41b0dc8443bd5b1830716e7

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 18:03:18 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "0EA5E75DC8522C1AB3D3891F5F5AF84AB933F474"
Expires: Wed, 28 Dec 2022 05:00:00 GMT
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3424
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7803f8dffde70b3d-OSL

xfjportal.com/wp-content/themes/twentyseventeen/assets/images/header.jpg

172.67.203.142

200 OK

115 kB

URL HTTP/2
xfjportal.com/wp-content/themes/twentyseventeen/assets/images/header.jpg
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 2000x1200, components 3\012- data
Size
115 kB (114854 bytes)
Hash
8030438c0c9b454bad3e94357cc28b51
c185138e7304e999ad9c49bbd3818b686077bac3
4503af815b99a57b1d22ddd6a5dc893bef6af00baab04ff2b5bce2288e97320e

HTTP Headers

GET /wp-content/themes/twentyseventeen/assets/images/header.jpg HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Dec 2022 18:03:19 GMT
content-type: image/jpeg
content-length: 114854
last-modified: Thu, 17 Nov 2016 17:13:30 GMT
etag: "582de53a-1c0a6"
expires: Thu, 26 Jan 2023 18:03:18 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ymXRg9n9NqL7BMuGjoBvcT47Mex%2BhORC2fz0sSTcErJFDWhJunSEhK0R9Jjmkb5LR5eYKarvXZIbCvw20GIRNDt4q03gSfzAvAPX80PQWqHrobMmCXiKdOieQ0W2WPN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7803f8df08340b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15639
Expires: Tue, 27 Dec 2022 22:23:58 GMT
Date: Tue, 27 Dec 2022 18:03:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15639
Expires: Tue, 27 Dec 2022 22:23:58 GMT
Date: Tue, 27 Dec 2022 18:03:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15639
Expires: Tue, 27 Dec 2022 22:23:58 GMT
Date: Tue, 27 Dec 2022 18:03:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15639
Expires: Tue, 27 Dec 2022 22:23:58 GMT
Date: Tue, 27 Dec 2022 18:03:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70fb5bc-19d9-433d-adc5-222fa8c0b134.jpeg

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70fb5bc-19d9-433d-adc5-222fa8c0b134.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9452 bytes)
Hash
e38d94b0be1b10ecac941b497f57c861
12911cd039f5c7b05013ebbc369aec5613134906
38a41df0d4f4405e8ecf6b379431bdb87eaed40e20481262b43d1fd127c010fd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70fb5bc-19d9-433d-adc5-222fa8c0b134.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9452
x-amzn-requestid: 33cc3d31-2503-4bd4-86e0-cc0358331e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duNblGXqoAMFn9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c2b0-7e472adc455ed2536b6b2223;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:37:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: A02ns_3LvPv6bo3V-FcJ-0_sN8LlMTk3OQInwaS0k-0-sAt5TsweSg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 22:02:46 GMT
age: 72033
etag: "12911cd039f5c7b05013ebbc369aec5613134906"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (15371 bytes)
Hash
a4b903e264b412e69e5f22091bf423ea
92d157f8b56dd0af2ce0f1f5c11b5c90969cf36f
8d5d90968489731604a2286d9e2b9a307147a3cc0b1ffd32f1186ceea9b8fcff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15371
x-amzn-requestid: 63d10011-ae3d-48fb-b892-26d94dc6ef83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diVs8EVDIAMFTOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4031f-3da712a621773d56567c014f;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 07:11:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2dVU6KIg3WiMurg-pgSmReyT89IjMeJUptYrHaPJiDTOaPr0PqrO6Q==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 07:24:37 GMT
age: 38322
etag: "92d157f8b56dd0af2ce0f1f5c11b5c90969cf36f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9007 bytes)
Hash
b373925ce249ca67e6984c436f5cd2b8
ddbc25025b933587990f8e9c32e91c9773256840
7d3c992b715283efeba9bee2e5c08042267017e76074ca6aad870e1dd45b4564

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9007
x-amzn-requestid: 15b3b2e5-d493-4b54-aab4-7374bf892e83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: drrFbESxIAMFikw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a7beef-37f4ab8e7738b186705bb1db;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 03:09:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SgjNBdI4lkk3DIdROxkZ8sdadoe-pewXA9Q5M55pGe-LNk012lLFmQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 03:27:32 GMT
age: 52547
etag: "ddbc25025b933587990f8e9c32e91c9773256840"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b739b75-a9c5-402c-b5f2-61cb416f4622.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10796 bytes)
Hash
bf353b055c5b241dc127a5f348288bd7
967babae78ca060a48978d1a29a20b459fa89aa2
4def932d04f53426b80ac7f3f366e1e8af0c76670f94c9ebd613309e2982d433

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b739b75-a9c5-402c-b5f2-61cb416f4622.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 46bf3684-b3d9-4948-ab4b-09477cf5af0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxg-TEd2IAMF9jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa1528-4eebb1950a70fb2d3a718426;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:42:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t-fFjRek8hGyiY7C49TCIXNHjWLSjsyOh8duU4ZHsrRIhqNSwptK9g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:56 GMT
age: 73103
etag: "967babae78ca060a48978d1a29a20b459fa89aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

xfjportal.com/wp-content/themes/twentyseventeen/style.css?ver=20190507

172.67.203.142

200 OK

24 kB

URL HTTP/2
xfjportal.com/wp-content/themes/twentyseventeen/style.css?ver=20190507
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (463)
Size
24 kB (24303 bytes)
Hash
5cf90e576143c5833d1f2951ebda826f
14c878583f9ac21e022c11a05211ece1245de2ac
a03bbd43c5853377e0517dd94dda13f5c31013eda98f612c5a0a8f7a2ee0d05b

HTTP Headers

GET /wp-content/themes/twentyseventeen/style.css?ver=20190507 HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Dec 2022 18:03:18 GMT
content-type: text/css
last-modified: Mon, 11 Nov 2019 11:39:04 GMT
vary: Accept-Encoding
etag: W/"5dc94858-14692"
expires: Wed, 28 Dec 2022 06:03:18 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ufa2WdIMd71UfBFdSqr%2FAoEne8UuuaV%2B8e7ylqfuYF6j8t6LrQeDkkLr4OcPS3cqChvAEm2elwCQCWrU5gWNJWAyCED8z0cIeLvSjZjnxGv24XxV%2BtQPvf16ihu3dOa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7803f8def8240b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xfjportal.com/wp-content/plugins/wp-captcha//assets/css/c4wp-public.css?ver=5.3.14

172.67.203.142

200 OK

11 kB

URL HTTP/2
xfjportal.com/wp-content/plugins/wp-captcha//assets/css/c4wp-public.css?ver=5.3.14
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
11 kB (10799 bytes)
Hash
6e7fb3e9237d3dcc4e9c5d5b3e5f011b
25e4894e7b8ca6391d18b9e2c804658be93c8061
bf2a86cf117163bc08f98303eed4b303e94bae91f6ccba4316653cbc802b6bff

HTTP Headers

GET /wp-content/plugins/wp-captcha//assets/css/c4wp-public.css?ver=5.3.14 HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Dec 2022 18:03:18 GMT
content-type: text/css
last-modified: Thu, 01 Jul 2021 08:18:11 GMT
vary: Accept-Encoding
etag: W/"60dd7a43-5d5"
expires: Wed, 28 Dec 2022 06:03:18 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0drV65Yc%2F38XlA%2FKlLqejljKvmunK7hbHAFPYElh%2FBPbSfVEa1YSwWgUClnDOzDycCaB45Bp8rLPkzUshS21K0BzWoO0eV5xqvG9UU6ZRvv0PvVZBypnUaqNI96Yb%2BRy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7803f8def8210b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xfjportal.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

172.67.203.142

200 OK

0 B

URL HTTP/2
xfjportal.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Dec 2022 18:03:18 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:36:20 GMT
etag: W/"63a1e484-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsVRKRDSC6uK8Glh04gMebd86YwBV%2Bjz91hU%2FVSxL8AP5i0hOK%2Bwe384WQaVftThhjgp2lP3l7lLRV1yhi6hvS9IklAez3dx3oQjOR2qHFIyMvgWwcyt0%2FDNgyna2lLQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7803f8df08380b31-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 29 Dec 2022 18:03:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

xfjportal.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=20190121

172.67.203.142

200 OK

0 B

URL HTTP/2
xfjportal.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=20190121
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/twentyseventeen/assets/js/global.js?ver=20190121 HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Dec 2022 18:03:18 GMT
content-type: application/javascript
last-modified: Mon, 21 Jan 2019 22:08:49 GMT
vary: Accept-Encoding
etag: W/"5c4642f1-1e4a"
expires: Wed, 28 Dec 2022 06:03:18 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCYVJ%2BbwAsEF0qn1PcRpL0kUei%2FkKTWvYeq1OgYIkXAgndPU28yUaumKXiyFL2o8i0NSpfMMRuZERESM8x0Brh0D6WYaPnu2RjiP41Pz3Y5D3uSGJrTKplpjWcdY9%2FOm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7803f8df18450b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xfjportal.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.14

172.67.203.142

200 OK

0 B

URL HTTP/2
xfjportal.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.14
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.3.14 HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Dec 2022 18:03:18 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 03:45:07 GMT
vary: Accept-Encoding
etag: W/"6077b6c3-3619"
expires: Wed, 28 Dec 2022 06:03:18 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJbMcGtxXDWOl72o7HsxvDAphPYUOG1rR43PuZVfY5XBEr%2FQcFmMeHyHVWWKydi%2BGqiD4kofGpBuZttM3lw6o7Msm7DL7lFWIxv2JpeKlu4CFMd2AUGwNEopVWvw%2BW5L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7803f8df58870b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xfjportal.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=20161114

172.67.203.142

200 OK

0 B

URL HTTP/2
xfjportal.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=20161114
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=20161114 HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Dec 2022 18:03:18 GMT
content-type: application/javascript
last-modified: Mon, 14 Nov 2016 11:41:31 GMT
etag: W/"5829a2eb-2ab"
expires: Wed, 28 Dec 2022 06:03:18 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUdQkJZOL%2F5qgs2wFm5D%2BSguzs57RewKX2dL3zLglZRdJQR%2BptbJYcyzELBqm5csziCgKshT%2Br%2ByhWwx%2FbId393DN1wcN3ME9IQgmtL%2FBLQ4DVDjq9z78BFY2cFA29UM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7803f8df18410b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xfjportal.com/wp-content/plugins/wp-captcha//assets/js/c4wp-public.js?ver=5.3.14

172.67.203.142

200 OK

0 B

URL HTTP/2
xfjportal.com/wp-content/plugins/wp-captcha//assets/js/c4wp-public.js?ver=5.3.14
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/wp-captcha//assets/js/c4wp-public.js?ver=5.3.14 HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Dec 2022 18:03:18 GMT
content-type: application/javascript
last-modified: Thu, 01 Jul 2021 08:18:11 GMT
etag: W/"60dd7a43-25e"
expires: Wed, 28 Dec 2022 06:03:18 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8mHcT9D83FwNkWTaGnOdHXXq3IV00cqRfVw1n3ow4UMQslXgD2Zz7XtHXiGMeEvAyilCJhheYdlc%2FlBSkp1LwFBa%2BLTOaFjrR%2BUM%2Ft7ZsY1XCmEQ2F%2BVXYrlsDWLtBM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7803f8df082f0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xfjportal.com/wp-content/themes/twentyseventeen/assets/js/navigation.js?ver=20161203

172.67.203.142

200 OK

0 B

URL HTTP/2
xfjportal.com/wp-content/themes/twentyseventeen/assets/js/navigation.js?ver=20161203
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/twentyseventeen/assets/js/navigation.js?ver=20161203 HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Dec 2022 18:03:18 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2016 03:41:41 GMT
vary: Accept-Encoding
etag: W/"58423ef5-eaa"
expires: Wed, 28 Dec 2022 06:03:18 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2Bx4X%2FWiOhKwzAmctBGpVfEm8zLU84yP%2Ba5OL%2BG2QzJF%2FHJIbSVSgYIcyCN1M3zCagdEghqsXp4uJrISJqfRpHgh%2FwTL91PcXzL2LgWO1kclOGJmvhm8urLIH5ZDg25V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7803f8df18440b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xfjportal.com/wp-includes/js/wp-embed.min.js?ver=5.3.14

172.67.203.142

200 OK

0 B

URL HTTP/2
xfjportal.com/wp-includes/js/wp-embed.min.js?ver=5.3.14
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=5.3.14 HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Dec 2022 18:03:18 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 03:45:07 GMT
vary: Accept-Encoding
etag: W/"6077b6c3-56f"
expires: Wed, 28 Dec 2022 06:03:18 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYZfQXcc2w5LSBDFavLvFMlXh4HwTtfPB%2F0gvnZ3EwJ0M3Uefw0t4wH7dvGKxL80av%2FXIQndzNmjzQqzLPBxxMkr%2B1A2fPeT9oC2hdqe1Sxeg5%2FymEWqSwLeOCErWpsj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7803f8df18490b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xfjportal.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

172.67.203.142

200 OK

0 B

URL HTTP/2
xfjportal.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Dec 2022 18:03:19 GMT
content-type: application/javascript
last-modified: Fri, 17 May 2019 04:25:54 GMT
vary: Accept-Encoding
etag: W/"5cde37d2-17a69"
expires: Wed, 28 Dec 2022 06:03:18 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnJSxF1d7i%2Bo%2BBeoER1qpPjaxHnOr5AaauhhyDuN7I57mtpQqBr7ylmvmdHM6HEINpicNgZSK9tlire1IaibCLNAdvyj98NrkxXb6%2FeUWblO1wQMFm0pqWzAXEk57g0K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7803f8df08280b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar

172.67.203.142

404 Not Found

0 B

URL HTTP/2
xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
date: Tue, 27 Dec 2022 18:03:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=2678400, must-revalidate
link: <https://xfjportal.com/index.php/wp-json/>; rel="https://api.w.org/"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3gAeCFUdCWyPUfqTe1eI8e9rvs1I8gzI2AdlmvRhSlc2bhVOvbVeNfyJ0GbaH86UA9GaAYMK1SgmTNdithH7fl38CDKKef7NySod%2BqMcT5QndSO4DM97gHcqwEmQG8c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7803f8d9fc530b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xfjportal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

172.67.203.142

200 OK

0 B

URL HTTP/2
xfjportal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Dec 2022 18:03:18 GMT
content-type: application/javascript
last-modified: Fri, 20 May 2016 06:11:28 GMT
vary: Accept-Encoding
etag: W/"573eaa90-2748"
expires: Wed, 28 Dec 2022 06:03:18 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynVS1wj4KJ7tUoPc%2BFbw%2FvqhSI7sQdcVPzb2CmZyn0BKg4yz9gdaDfGOG5bv7zHiOCZlK3odBFnEaUjCq5nzhVXQ%2FhIn9j1e1EZHLmbbAt18aMybcDEb21qTIj1KJlAT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7803f8df082e0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xfjportal.com/wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=20190105

172.67.203.142

200 OK

0 B

URL HTTP/2
xfjportal.com/wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=20190105
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=20190105 HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Dec 2022 18:03:18 GMT
content-type: text/css
last-modified: Sat, 05 Jan 2019 21:16:49 GMT
vary: Accept-Encoding
etag: W/"5c311ec1-27df"
expires: Wed, 28 Dec 2022 06:03:18 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LF3hO7b2qzCP%2BRtcSoBQubFOsCzSptCJV5kTdT7MTiNDXMqsp%2B2G15B3s7kmed0TwvbEB%2FhpUQ%2Bx0xcG9zxCMzUOSFsRykvBLunJ%2Fnw6W%2FdCYjA4%2BKSjgr3z3aHiSgv5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7803f8df08270b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xfjportal.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2

172.67.203.142

200 OK

0 B

URL HTTP/2
xfjportal.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2 HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Dec 2022 18:03:18 GMT
content-type: application/javascript
last-modified: Thu, 20 Oct 2016 04:12:31 GMT
vary: Accept-Encoding
etag: W/"5808442f-16cc"
expires: Wed, 28 Dec 2022 06:03:18 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybk%2BjeBr7yPAIhVL5we6yve%2BuqWoMLywZKJxAvpxWA9BRggf4aHPN1YOKXh9DW0VDR5j1IpWHw2S1Rtr5UcA1qJPQhm3Nim%2FN%2FDdKhDnNkWH3ZQ17%2FUukouALhuF9OCD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7803f8df18460b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xfjportal.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.14

172.67.203.142

200 OK

0 B

URL HTTP/2
xfjportal.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.14
IP
172.67.203.142:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.3.14 HTTP/1.1
Host: xfjportal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfjportal.com/wp-content/uploads/2022/01/sm2258xt_snk-bics4_pkgt1023a_fwt0910a045-3e-99-b3-7a-6b.rar
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Dec 2022 18:03:18 GMT
content-type: text/css
last-modified: Fri, 31 Jul 2020 02:48:48 GMT
vary: Accept-Encoding
etag: W/"5f238690-a055"
expires: Wed, 28 Dec 2022 06:03:18 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Isk5lS%2F1ViFHtp7t1tmjdNlDtXnoW5VoRWlRJIgZ8iENTMefL4RjmbqMQs8ue4T4Vk8T%2FWg2MP%2FH%2BtnryTokvHHEetfE1DmWGdAzQjWd6jiTpD7iCRahwJyOGebgViI8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7803f8def81b0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations