r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10010
Expires: Thu, 01 Dec 2022 12:51:36 GMT
Date: Thu, 01 Dec 2022 10:04:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12987
Expires: Thu, 01 Dec 2022 13:41:13 GMT
Date: Thu, 01 Dec 2022 10:04:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1380
Cache-Control: max-age=89373
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:04:46 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 10:54:19 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: S+xbjKMmgxUvQZLlWRDl5Jhl0R2ug/gyBgdsBP72NXVEgluprJMMdFu60og8VMSG6mNy3Zx/2PQ=
x-amz-request-id: 0FXN26HAQ6B2BN0W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 09:45:37 GMT
age: 1149
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 09:19:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2700
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 10:04:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
xomoquarry.live/?s1=350619&s2=861708570&s3=1363&s4=&ow=&s10=739
104.21.84.29 200 OK 827 B URL HTTP/1.1 xomoquarry.live/?s1=350619&s2=861708570&s3=1363&s4=&ow=&s10=739
IP 104.21.84.29:0
File type HTML document, ASCII text, with very long lines (1804), with no line terminators
Hash 49edbc9bc2bf5713674cdd140bfb2e2e
69382afdde30e74bc39bb260568f39e97937e13f
78a9bc61cabceb19d5d566460e99d214cf15e87044d0651c16299f7f7488c1f5
GET /?s1=350619&s2=861708570&s3=1363&s4=&ow=&s10=739 HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZaFgtPyZVmEUjnbBPjK5E4mcX1YQ869f19A6U38etKaX%2Br5oEK%2FStkb%2FdqUeWlm2D7OdRG7P1HnpTDO3GPG86uQ5JeS3BEpFisn7DnOBoINL6ZhnzZ9FmNEXGax67n6JZU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b0022fb570b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 09:08:56 GMT
cache-control: public,max-age=3600
age: 3350
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1353
Cache-Control: max-age=170676
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:04:46 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:29:22 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
xomoquarry.live/favicon.ico
104.21.84.29 200 OK 1.7 kB URL HTTP/1.1 xomoquarry.live/favicon.ico
IP 104.21.84.29:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 959c8301752d9dae8d7d178b6fe18cc4
5d585d9efde2ab963cc624d4d16dcac555eebf75
8ff025dc4f88df2b69948687aba576a8a74085a1b4e272915598171c3ff6f8cb
GET /favicon.ico HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:46 GMT
Content-Type: image/x-icon
Content-Length: 1702
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:46 GMT
last-modified: Thu, 29 Sep 2022 23:17:52 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPvrNNQY3ngFnPO%2FWUkqNew4VvEkRUeyyyffFWvHvX0Voj1ydqrgXvM%2BTtlIOGRQh6LKfkvHzKB9nSQtPlEF2hmGA2Fhr38lVFcZjCu4SuI38Ij5VsVWgd%2F7alIAKSX1urM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00275f280b49-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
35.165.176.211 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.176.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /4svOGGHbmuZXgOkZ9mzmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SKrQRw9gZnbjXwB2Z+FyQ85T9m0=
xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f?_ax=w
104.21.84.29 200 OK 23 kB URL HTTP/1.1 xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f?_ax=w
IP 104.21.84.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (61513)
Hash 6159ef1609baf91d48ea47939369427c
9b94842b5803c8eeca33db1106910f8df46574d9
09a4cccd16b6b366ac5332adcd7318e06367b101300ef56cc385a6141e8ce894
Analyzer Verdict Alert fortinet Phishing
GET /4caeb772a1ad4e8fdb784ce19c7e507f?_ax=w HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0c86HXCHVM3g2MhaCqiSee6oSbcXY%2Bjke0ZD%2FHdI4CVYtdPEWQPD83tSrdQSnjrNt8sKQOWUvGA5M5xGf21Yherplmbrktw7%2BVQKqnUXL3X2fdTTHMDWHG5m%2FKDOq0I5u64%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b0026cc44b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:04:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
142.250.74.40 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 3ab3b0f394b010f6357f9a9743e8896d
e77e77d34a604937cc056d625cbe1838a8a6c014
09c4b2fd56bee9573e178fe89ac7aa8ae659524ae7fd095b28ca5489008874f9
GET /gtm.js?id=GTM-M5FVHZX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 10:04:47 GMT
expires: Thu, 01 Dec 2022 10:04:47 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41859
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:04:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xomoquarry.live/inc/msg.js
104.21.84.29 200 OK 450 B URL HTTP/1.1 xomoquarry.live/inc/msg.js
IP 104.21.84.29:0
File type YAC archive data\012- , ASCII text
Hash ccd1e670cf3e585961dc2814b75b8a14
4e68d218d63cb2aed4df6a1958b19156f3b88eda
42379dacfe8f57ac955c63ed76aef9eadbbd59eede78b7cad5dcefc91eca7d88
Analyzer Verdict Alert fortinet Phishing
GET /inc/msg.js HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:47 GMT
Content-Type: application/javascript
Content-Length: 450
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Thu, 20 Oct 2022 12:25:37 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3TRDk006b1wmom0JPiDaM199Ot66WUWeF4xhS2xEgJ6JOHvUAm4pkMCbGD%2FddS%2FMfffOPZc8jwEonUkzflGCWVlVqBpQXmqMib43f5j7RUQ%2Bd2ZnVlFMu8MW3Fq2yn7y%2Bc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b002bfb17b4ff-OSL
alt-svc: h2=":443"; ma=60
xomoquarry.live/assets/js/vendor/bootstrap/css/bootstrap.min.css
104.21.84.29 200 OK 22 kB URL HTTP/2 xomoquarry.live/assets/js/vendor/bootstrap/css/bootstrap.min.css
IP 104.21.84.29:0
File type ASCII text, with very long lines (65325)
Hash 2d8dd73cb1b73b77d7acfe86af6085f5
5759e40d0959e322c96c397e83a5e0136b55d180
932b42dfced279c535ac5f2f1f1a62d7296f43853c4e03dc8e86049174b4982a
GET /assets/js/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Tue, 23 Mar 2021 22:52:06 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQfH8fJrOxvV2bEoJnAGdwiLn9ZWh9iJ6NJAhYEObLzCsEUtzhM%2BTlNkMRIShtk5v6C7F5gnladZ3pGEsawDtwNtbJ4o8eAnq%2ByRCUKwGOOhY5U5I38lLQOGt9uhBH7jcrM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1de01c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xomoquarry.live/assets/css/legacy/1.3.css?v=11e4e3becab4f419078ce633e967a699
104.21.84.29 200 OK 2.1 kB URL HTTP/2 xomoquarry.live/assets/css/legacy/1.3.css?v=11e4e3becab4f419078ce633e967a699
IP 104.21.84.29:0
File type assembler source, ASCII text
Hash 45b3ed4f433b165c383deb192e8c876c
d31e9d19fd7842d7194a3dfb4ba3d4d225a1b88e
213d65dce37455d6c05389d6f14358da9d52c918cb129858da994ad9dbc37852
GET /assets/css/legacy/1.3.css?v=11e4e3becab4f419078ce633e967a699 HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Fri, 08 Oct 2021 15:59:38 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Sqz8O7QK%2FeffZHJ8AWaPsHZKaAehVCvGHXT14UIoM1D0iTVjJMFZrnrMi04VuClm4mK%2Fv9vdHJBKqMZQaNoK27%2BgbDBkYDVuhk6RtCBiRBWgYiWu7SGSGvpQqs59uoc3Ig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1ddc1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xomoquarry.live/assets/js/legacy/dist/common-hybrid.js?v=11e4e3becab4f419078ce633e967a699
104.21.84.29 200 OK 20 kB URL HTTP/2 xomoquarry.live/assets/js/legacy/dist/common-hybrid.js?v=11e4e3becab4f419078ce633e967a699
IP 104.21.84.29:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c0e0c3ff2c00baf9a74414527b56951f
fa4ad3885fbf034fa1d2a55ddb776e6b0f6fa274
1a043f2416b572c52c2b2c7c06e6e98c9a2929b3c226b9e9fc291cb7554726dc
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/legacy/dist/common-hybrid.js?v=11e4e3becab4f419078ce633e967a699 HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Thu, 10 Nov 2022 20:23:29 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UikI3MH5wG0D56DYEdgAYiHcMAEB4Cwqp0maxKzK0p34exIkegd6%2FZFgM5N%2FMgoJ5NgKpEjrVcDmeZmeUfMN1U6qFCp6JQwFBmi1e4oWOhCzdw5B4eOBwMxfLN%2FQmz%2FpobM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1ddb1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:04:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:04:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2
142.250.74.163 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 18260, version 1.0\012- data
Hash 6dea752293556883fdae057d588b0bb1
e4d090e03bb920f5ddf7b09937428b2a0a2a9ee0
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
GET /s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://xomoquarry.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18260
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 17:03:36 GMT
expires: Fri, 24 Nov 2023 17:03:36 GMT
cache-control: public, max-age=31536000
age: 579672
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 08d0b3a59339bb3c4aaa46d0489b9eb8
1290f4282c5d08e383c178b083022be9cdee6029
9798f1a7f313b6521ba3cc70a0d4bda8d18c35194151c726761ebb44f4d748db
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9798F1A7F313B6521BA3CC70A0D4BDA8D18C35194151C726761EBB44F4D748DB"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16651
Expires: Thu, 01 Dec 2022 14:42:19 GMT
Date: Thu, 01 Dec 2022 10:04:48 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:04:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-DKB9VH2QW4&gtm=2oebs0&_p=476273289&cid=1637113895.1669889086&ul=en-us&sr=1280x1024&_s=1&sid=1669889086&sct=1&seg=0&dl=http%3A%2F%2Fxomoquarry.live%2F4caeb772a1ad4e8fdb784ce19c7e507f&dt=%5B1%5D%20Bel%C3%B8nning%20venter%20-%20Online%20Survey%20-%20Vi%20%C3%B8nsker%20din%20mening!&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-DKB9VH2QW4&gtm=2oebs0&_p=476273289&cid=1637113895.1669889086&ul=en-us&sr=1280x1024&_s=1&sid=1669889086&sct=1&seg=0&dl=http%3A%2F%2Fxomoquarry.live%2F4caeb772a1ad4e8fdb784ce19c7e507f&dt=%5B1%5D%20Bel%C3%B8nning%20venter%20-%20Online%20Survey%20-%20Vi%20%C3%B8nsker%20din%20mening!&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DKB9VH2QW4&gtm=2oebs0&_p=476273289&cid=1637113895.1669889086&ul=en-us&sr=1280x1024&_s=1&sid=1669889086&sct=1&seg=0&dl=http%3A%2F%2Fxomoquarry.live%2F4caeb772a1ad4e8fdb784ce19c7e507f&dt=%5B1%5D%20Bel%C3%B8nning%20venter%20-%20Online%20Survey%20-%20Vi%20%C3%B8nsker%20din%20mening!&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://xomoquarry.live
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://xomoquarry.live
date: Thu, 01 Dec 2022 10:04:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12437
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 10:04:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12437
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 10:04:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12437
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 10:04:48 GMT
Connection: keep-alive
xomoquarry.live/fim/739-NO/7fd43f70868e0c0a81a70d4d84fba804.png
104.21.84.29 200 OK 14 kB URL HTTP/1.1 xomoquarry.live/fim/739-NO/7fd43f70868e0c0a81a70d4d84fba804.png
IP 104.21.84.29:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash d1bb2f4eeba183056e73d1c95eb72a3d
4c21008a7372c25f3268fc1294f49d72c4e9e5a7
09e5067a2af7892c98861bc70f0d531dfa734e434371c528dc16a0a388d8c27a
GET /fim/739-NO/7fd43f70868e0c0a81a70d4d84fba804.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 13773
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FG49benDScIq4KlGhuMLgSRtkRjy9a05ndTXAnYwX9jvuL1s8Z6mjI9pPVm6FdDtLKcfkxO4dgaxw04FUrvgOb8ylujsV%2FaZ5LOtny9g%2BZV5nkRV%2ByPjGTEFYTTPrm8JGM8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00309fb50b49-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12437
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 10:04:48 GMT
Connection: keep-alive
xomoquarry.live/fim/739-NO/6e36e337ef3f9fecec83130728059c74.png
104.21.84.29 200 OK 8.0 kB URL HTTP/1.1 xomoquarry.live/fim/739-NO/6e36e337ef3f9fecec83130728059c74.png
IP 104.21.84.29:0
File type PNG image data, 124 x 123, 8-bit/color RGBA, non-interlaced\012- data
Hash 3aa5f4a85f723c846f9adae3ced23e36
b8b9d59b51d024b787c979bc47fceb7fbde67f8a
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2
GET /fim/739-NO/6e36e337ef3f9fecec83130728059c74.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 8047
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOnvNtVjJvWA1qQ8iNWn21FdKorT2WAnoq0r3W3OgvFbgtwKRopRENRTs%2BN3qTy7EmV0i%2BZxwgHcRKGNChbsk5X5%2F8tmK%2Bt6nsghkN1r5OcUe2QLjQBXIe7U1AfljgGQbYs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b003098edb51b-OSL
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: 9e243a73-18ff-4abf-9b9c-442719960125
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpppFXjoAMFehg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bca3-47620f39181264772d2fb52d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:13:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _v5hatZyEWVRB4Tebygbb-QfE02oaFxE8CRfQsUY7I_ektxE3YeIpw==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 17:08:01 GMT
age: 61007
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xomoquarry.live/fim/739-NO/edd84d852c4bc7c6a174922b64f37da6.png
104.21.84.29 200 OK 1.7 kB URL HTTP/1.1 xomoquarry.live/fim/739-NO/edd84d852c4bc7c6a174922b64f37da6.png
IP 104.21.84.29:0
File type PNG image data, 51 x 51, 8-bit/color RGBA, non-interlaced\012- data
Hash 638c9f9cfb95a3aa955bb8beb850488b
10aaa884d8e76b320424c930e1838e875744242c
4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d
GET /fim/739-NO/edd84d852c4bc7c6a174922b64f37da6.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 1714
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c58TJ%2Fed3eDxjKT62yelz9xh6ZZUl9rZ9QnliGjz%2FgY8wgPc66RYrnEXgj1HXOHE%2B%2Bz929tSfYYCKYiGTwV9wIQk0wdRIThu8v6Q9bakQSMPm3jwJe5Iw%2BAAMqeQNa%2B78NE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00309c45fabc-OSL
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F350e8884-8903-4779-8a0c-bb74e9168bfb.jpeg
34.120.237.76 200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F350e8884-8903-4779-8a0c-bb74e9168bfb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fd5f7a9e04d27654062b3e18b8aecca
07fafbd614cdb49f20bceea29d5e684725d3bdf6
0cb64a9a33f66b92eed5a591b6c368f3d74363941d8876e553a8ea6aaa547590
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F350e8884-8903-4779-8a0c-bb74e9168bfb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4199
x-amzn-requestid: 61981ad5-3560-43e1-a1cd-37f823e89675
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQxoEz5IAMFzQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c80a-291574e42bee51b2523b3920;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fL5AwXN4Kitj3BB3DyYyYfFYk3GRgLvhNNTiQKrDcxPR6mkfzyUuzQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:05:04 GMT
age: 43184
etag: "07fafbd614cdb49f20bceea29d5e684725d3bdf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kZfRQsF_Fo2UtTqK0ByOPeQK-IzTQO9JtTmxIMlapmsd93SJk_4VYw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:47:30 GMT
age: 44238
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash acffcb88ce68b2d70c9c046a7b5a4aa8
cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1
692d782ac1d812de6dadbcfe46034b6b5d8bbd586e56beedd96dc4d65445dd4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12035
x-amzn-requestid: 2711a135-b390-43ef-9e95-92438058bc27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz81FIpIAMFs9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-742f7f293df074340ab6a217;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ygs-Qd7UU_k4t4_breZTyqkHqGjJzlH1UMa9ncww5_IGpJ1n781jfg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:51:55 GMT
age: 43973
etag: "cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12437
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 10:04:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:43:35 GMT
age: 40873
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 43968
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xomoquarry.live/fim/739-NO/0310358bb94be6e1b98493450c0c1ef9.png
104.21.84.29 200 OK 42 kB URL HTTP/1.1 xomoquarry.live/fim/739-NO/0310358bb94be6e1b98493450c0c1ef9.png
IP 104.21.84.29:0
File type PNG image data, 1302 x 276, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e83a25d5c3a76df81898c86384ac584
f64b7460eac72c1f9a54ed66e8a4bb1b0a029e5b
6659b4426a9dba95133c0e3b27b5d952d6cc1e574b88640a7e7bcec354d902c1
GET /fim/739-NO/0310358bb94be6e1b98493450c0c1ef9.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 41556
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pU1lXDYneLQvihUQKseUPq3%2BEhfRT2Cj7pH%2FhuJZzBzudeZnPGCegtpT1XWmW0RvjGuOcx7VwzyaskZwJHSWWX6hS5%2ByzT0UUrYFJanvjIuY4yPA4LnDI%2BlpblQH1o1ILWQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00309fffb4ff-OSL
alt-svc: h2=":443"; ma=60
xomoquarry.live/fim/739-NO/eb8ccce1e910ffb724a360c42a789493.gif
104.21.84.29 200 OK 16 kB URL HTTP/1.1 xomoquarry.live/fim/739-NO/eb8ccce1e910ffb724a360c42a789493.gif
IP 104.21.84.29:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 45f10d30ce7014885a2d438941a16d3a
aceaef7a0d9d282a7272eb85f70030460a067fc6
9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1
GET /fim/739-NO/eb8ccce1e910ffb724a360c42a789493.gif HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/gif
Content-Length: 15537
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJNm3tBcXD1Cal2orz00utoACvZKLRYzhUP6YTk2CiYtNVtrb9QXP6UgqM2PBXyNmCyAF2yoXC0UTzCndKCUQFDYb7hfUlTkrm%2Fi%2FjQco3DchKWvFPwcCJKYHxPCfiL7kj4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00309c12b4fa-OSL
alt-svc: h2=":443"; ma=60
event.trk-epicurei.com/register/event_log/v9e118mez8
188.114.96.1 200 OK 0 B URL HTTP/2 event.trk-epicurei.com/register/event_log/v9e118mez8
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /register/event_log/v9e118mez8 HTTP/1.1
Host: event.trk-epicurei.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://xomoquarry.live/
Origin: http://xomoquarry.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:48 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: http://xomoquarry.live
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0eLv%2BoOPQgQSOlEYzkOnPRAoWciQipkjz8TRcVzhCMx7qHW%2FTB7Q9x61Ilc4NRkF3r09XTRXMH92tUJJFhNufphm7mrZMH3zl694ftOr6ddjj8lqOvDDQJXNft9LiMsniccEcWoTVP3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b0031fbe2b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xomoquarry.live/fim/739-NO/2b20fee386cbf813572657a384ad930e.png
104.21.84.29 200 OK 67 kB URL HTTP/1.1 xomoquarry.live/fim/739-NO/2b20fee386cbf813572657a384ad930e.png
IP 104.21.84.29:0
File type PNG image data, 224 x 225, 8-bit/color RGB, non-interlaced\012- data
Hash 4970f6e81fd09a18580913369e9a292e
f3754d6af0fbdd94f5860b07b2b18dcb44ec56cc
478e5c20c11f79bba6cbc45ff59f2d7fc83572bee66e38fc65de1b84a7a21911
GET /fim/739-NO/2b20fee386cbf813572657a384ad930e.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 66949
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 10:04:46 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrDzP296mvmMXrU8AZNf3mFkHXrmp7BA6LspD6dQH0G4lfwOrEFmyhHYPD4Dl1cPVD0rt7Jv2tA75ok3XPjiMnHnCoNyQW8dk200OfwIpLmLH9NhdrY0gATdRPRzI5BzbB8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00309f04b4ed-OSL
alt-svc: h2=":443"; ma=60
event.trk-epicurei.com/register/event_log/v9e118mez8
188.114.96.1 200 OK 0 B URL HTTP/2 event.trk-epicurei.com/register/event_log/v9e118mez8
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/v9e118mez8 HTTP/1.1
Host: event.trk-epicurei.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://xomoquarry.live/
Content-type: application/json
Origin: http://xomoquarry.live
Content-Length: 103
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:48 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: http://xomoquarry.live
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUfYsOFHZfuL2o5zh14%2BCAl5jt1ttgYGgsvWdAncejtPVj8cW9VSfk2WwdHlYnR%2FQix2F3rwVSSJFJ7GYw0ZjKMF3mDvEKBlszUEkGmBMp%2BC%2FgtFihxk5gbYoNWvhdeffCsX2ocZRc0m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b00335dd7b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xomoquarry.live/fim/739-NO/5313410828640aa0ff4f6269f4e26597.png
104.21.84.29 200 OK 17 kB URL HTTP/1.1 xomoquarry.live/fim/739-NO/5313410828640aa0ff4f6269f4e26597.png
IP 104.21.84.29:0
File type PNG image data, 1920 x 51, 8-bit/color RGBA, non-interlaced\012- data
Hash cb0c4933835ef7b5ee5a98ce9a9316db
6e48501c1c2772ebe538efa99121b5f9a5b94dc5
ff3454175fa49d97024781237126ecd082382b28c9a5576505ff38a2785ab037
GET /fim/739-NO/5313410828640aa0ff4f6269f4e26597.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 16848
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0%2F%2Bh5RjDuzfkQtz37YQfIAg%2Ba0hlw7q1Hl3hoScQhZRaKZ2W4iB4A3OlxJNLiD%2F54VwFhFw%2FU9Z5eJ5sNqh7uGo2g9X6aRkeLKNM89xCc4MqwIJ24hJuK15hGFXsX5slP0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b003249440b49-OSL
alt-svc: h2=":443"; ma=60
xomoquarry.live/fim/739-NO/edf52100adf33f49d7594281a6f88c0d.png
104.21.84.29 200 OK 1.4 kB URL HTTP/1.1 xomoquarry.live/fim/739-NO/edf52100adf33f49d7594281a6f88c0d.png
IP 104.21.84.29:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash f80d76962e5d09440f1bfea32392c735
67d16c116d0e17684d21f74ab7959728dcbe44b4
0ad0615765bf17bdb85ae307eb8f9eee2e1fb0b600117bdd991a1efe9c834078
GET /fim/739-NO/edf52100adf33f49d7594281a6f88c0d.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 1385
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 10:04:46 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXuCFUZYz6jyqRHoqr9UyMoJsubBx01ONdsrfFlZAnTlGWrSr9p2Dhw6wnDCWh8lKVjww4gkm%2FBNWMR4N%2FKEXzutqioG2n%2FQ1NXQaV9tGGMHdb9%2F%2Blw9N%2Bcn9eSq2Cr9WVM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b0033db12b4ed-OSL
alt-svc: h2=":443"; ma=60
xomoquarry.live/fim/739-NO/b35d4ff35881cb1bf086b56b5c50c48c.png
104.21.84.29 200 OK 440 kB URL HTTP/1.1 xomoquarry.live/fim/739-NO/b35d4ff35881cb1bf086b56b5c50c48c.png
IP 104.21.84.29:0
File type PNG image data, 409 x 389, 8-bit/color RGBA, non-interlaced\012- data
Size 440 kB (440312 bytes)
Hash 859c164c48841d1338721ef81f082275
87ad93db746199fdc2b84f7d7b83d45ba35d893e
38d20c937746ce10d7624256299bcc9fac8f77e490507bac0c3d98324b0612fb
GET /fim/739-NO/b35d4ff35881cb1bf086b56b5c50c48c.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 440312
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 10:04:46 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuokHc75OfiolTnCgzxYlQAWToR2fAr1fyBXsFrxwtVfAKa9c9PO5EeXb8StxRfLRaxcm7nI6MxVTOTZ3NA0sCybbDrKs2%2F654rBaE6oWbjCEqxTh9lOIsCWOq%2FOQNQS7bI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00330bb3b4ff-OSL
alt-svc: h2=":443"; ma=60
xomoquarry.live/assets/css/legacy/dist/common-hybrid.css?v=11e4e3becab4f419078ce633e967a699
104.21.84.29 200 OK 848 kB URL HTTP/2 xomoquarry.live/assets/css/legacy/dist/common-hybrid.css?v=11e4e3becab4f419078ce633e967a699
IP 104.21.84.29:0
File type ASCII text, with very long lines (25017)
Size 848 kB (847890 bytes)
Hash 6a8ebc48a1e0a31b7de2565959aa0253
0bab29d691fe51e84a33df828979b2354af3f864
16e6ae2a9c907662623f65321eea9abc7c4266240627914bdf55c87baeb67686
GET /assets/css/legacy/dist/common-hybrid.css?v=11e4e3becab4f419078ce633e967a699 HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Thu, 17 Nov 2022 22:46:26 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzSPfi%2FMazBwgrvtmD0StmzlNono2WZR%2B%2FHPD3ddlhqJcwrzddZlspyYg23P5zktgesEezR6SEW8AhnckxwBy2YXLuqasmDE8VdZPnh5QGn5%2BfRPJFJjQ83CSvrGTDt0IM8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1de11c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xomoquarry.live/assets/js/intl_functions.js?v=11e4e3becab4f419078ce633e967a699
104.21.84.29 200 OK 1.4 MB URL HTTP/2 xomoquarry.live/assets/js/intl_functions.js?v=11e4e3becab4f419078ce633e967a699
IP 104.21.84.29:0
Size 1.4 MB (1448085 bytes)
Hash 41a07b8a58da1e9feb1ec7a90eb9a058
faf4d75d4990f5138c499b06e068883985f3eafa
3c5fd35be2e5c062a82f909797d626866f695ad98ce84cde1240534b516ffbb5
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/intl_functions.js?v=11e4e3becab4f419078ce633e967a699 HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Mon, 26 Sep 2022 20:48:44 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpfx1EjS4t1ZTn4rvyptJQGBpZT6Y6IRlwW2Gbxsw57j0eKlhITSV2YiTVxeNnFrFt2PO9Zx0y5nDNTiLXhtpSn0o9iQEcla0RyXou7OzxfWt3Cy2oUwmh0k7MnN1Ftigic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1dda1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xomoquarry.live/assets/vendors/fontawesome/css/all.css
104.21.84.29 200 OK 1.4 MB URL HTTP/2 xomoquarry.live/assets/vendors/fontawesome/css/all.css
IP 104.21.84.29:0
Size 1.4 MB (1383650 bytes)
Hash 54f5634cf040839a19be7e71bdbd2274
114c11e4e10fd22729485e59904f03085f0a86b4
d0c27d79e750bc8f87f0bbf44a0a1c4b56065c9c80dab7ee0489bb28747b014a
GET /assets/vendors/fontawesome/css/all.css HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Mon, 19 Jul 2021 19:00:02 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8lb0Xj3qKYAMUYA8%2F%2BgEFC5qW14OichNBnrHg668GhszPCknV4gPV%2FoHpzNqRId1ekMlXG2TqybiBECPzZJtcXUjvFL%2FWcY2%2FyACO8DNjYZucUrz6IOpDILEqmKP2GhIL8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1dd81c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xomoquarry.live/fim/739-NO/6ecd116032ec7f7b6c14dbd555a02693.png
104.21.84.29 200 OK 5.4 kB URL HTTP/1.1 xomoquarry.live/fim/739-NO/6ecd116032ec7f7b6c14dbd555a02693.png
IP 104.21.84.29:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 9b5c6ba6189f312f9f518255825b9028
1133590edc6e0e951329c6c8a9f96627e28cc915
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
GET /fim/739-NO/6ecd116032ec7f7b6c14dbd555a02693.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:49 GMT
Content-Type: image/png
Content-Length: 5389
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:49 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcD7l5NjG0Gwf%2BSr97eMDgkZxCjsF%2BFBXxoAaatdSPKJb%2BzDoVj8kLJtg5qt66W6rhmk1zzLKGz9UHOzaFRWpi1rsudrAeJ%2Ff%2BJCYmcjw6zz4TeecQI4vJdwJiMsMJ3cpV4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00382a4eb4ff-OSL
alt-svc: h2=":443"; ma=60
xomoquarry.live/fim/739-NO/d6309a64fbe1fe63c8ba34d9dda4a32e.png
104.21.84.29 200 OK 414 kB URL HTTP/1.1 xomoquarry.live/fim/739-NO/d6309a64fbe1fe63c8ba34d9dda4a32e.png
IP 104.21.84.29:0
File type PNG image data, 380 x 440, 8-bit/color RGBA, non-interlaced\012- data
Size 414 kB (414206 bytes)
Hash bdde172bc48180ddf3c9b7a9f2606760
b2d13a945a2b0b5785f543268c313fca148e1a97
ba98eecff8a45afcc8b229c02fa6eefff2f42f467c65298a1816a0e16318c2f7
GET /fim/739-NO/d6309a64fbe1fe63c8ba34d9dda4a32e.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:49 GMT
Content-Type: image/png
Content-Length: 414206
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:49 GMT
last-modified: Thu, 01 Dec 2022 10:04:46 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=miHAoivJwE9NDD1uBDLe7vIUMt4mPDML5qXo4QC2Pc1nChd0SFFb8IzjU2deGTxSDoE2VH8nb9LbblFX5XuHhFFoNig6sKbZ9J3XoMNwZD0QkfH0vsKoYjnoRGffTojXIg4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00358d1db4ed-OSL
alt-svc: h2=":443"; ma=60
xomoquarry.live/fim/739-NO/1d0a1b7fd7f4f9a7a5cccf5998a28367.png
104.21.84.29 200 OK 858 kB URL HTTP/1.1 xomoquarry.live/fim/739-NO/1d0a1b7fd7f4f9a7a5cccf5998a28367.png
IP 104.21.84.29:0
File type PNG image data, 900 x 900, 8-bit/color RGB, non-interlaced\012- data
Size 858 kB (857921 bytes)
Hash a2917b767acbf9e968d1bb3878d619fa
75cd32978cbb0d96326eb7a13c9c2d0c1373aec7
3b81b0cae76e02e47a8b289ab7872381601919ba728e6a655482a4d304b08192
GET /fim/739-NO/1d0a1b7fd7f4f9a7a5cccf5998a28367.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:49 GMT
Content-Type: image/png
Content-Length: 857921
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdIWwVeCFTI%2By6JZmDSRle4FZSFTL86mIVtL261O8BSaPTlQOZuK%2FVW%2FKgQSb3EEDBZCk6CJoSLpewePNmgLq920aPuZnWimD22pVijKVjb%2FdSaSejp1cSPzXZXYWVxqxCA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b0034bc950b49-OSL
alt-svc: h2=":443"; ma=60
xomoquarry.live/fim/739-NO/e3f4b5b4efc72849b62a03e8a7f3d83e.png
104.21.84.29 200 OK 45 kB URL HTTP/1.1 xomoquarry.live/fim/739-NO/e3f4b5b4efc72849b62a03e8a7f3d83e.png
IP 104.21.84.29:0
File type PNG image data, 300 x 219, 8-bit/color RGBA, non-interlaced\012- data
Hash 795beb895ed7a45b47ecafd22dca0922
baf5bd0de1c1027369ebf705dfb9fabaee8db492
c58ad513bf792848e8df90c0c7339ee9720b9b9487f2bf2268a2ae94d53f3e32
GET /fim/739-NO/e3f4b5b4efc72849b62a03e8a7f3d83e.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:52 GMT
Content-Type: image/png
Content-Length: 45013
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:51 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFIppEq%2BKyMDFlaYrPGot%2BRtzJN2zy7i5u%2BV%2BVX2BPjGfR8e3rfHkCZWze4%2FcwLx2GqbIAvLunr0UmImkMW2aDfTJnO%2F%2FXHzgudSVyHfkdWdKNwHVByF1rPyRy3Dq%2BXAFr0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b0045faf3fabc-OSL
alt-svc: h2=":443"; ma=60
trk-epicurei.com/scripts/push/v9e118mez8
188.114.97.1 200 OK 0 B URL HTTP/2 trk-epicurei.com/scripts/push/v9e118mez8
IP 188.114.97.1:0
GET /scripts/push/v9e118mez8 HTTP/1.1
Host: trk-epicurei.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:48 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6WlP3edb1R%2BrnzTiVAhWRApLC9Hm4sdpDyVjAUFXelj7lzpf7wjDcv5hbTZ0scoZttmr8qaobW00AradFPsaBNvPLfI8jUDMGBuEAFhLt2V970QRNsXYUOSib%2BzNwU%2BFCVi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002fc8c21c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xomoquarry.live/assets/js/vendor/bootstrap/js/bootstrap.min.js
104.21.84.29 200 OK 0 B URL HTTP/2 xomoquarry.live/assets/js/vendor/bootstrap/js/bootstrap.min.js
IP 104.21.84.29:0
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/vendor/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Tue, 23 Mar 2021 22:52:06 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTjiWzwWEQf%2BPWjFT%2Fg%2BaovbvVqE8tPLsfgXBkliVcXJkik0O9xIHSq5v2WPzu7O78h2k%2BZNLwvsgo70N56tPxK0AmX2KhyeZjZQLl9SXx579R%2BrEPgUyjA2jGGrhv9ej%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1ddf1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xomoquarry.live/assets/js/vendor/jquery-3.4.1.min.js
104.21.84.29 200 OK 0 B URL HTTP/2 xomoquarry.live/assets/js/vendor/jquery-3.4.1.min.js
IP 104.21.84.29:0
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/vendor/jquery-3.4.1.min.js HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Tue, 23 Mar 2021 22:52:06 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaFlFCq2EMRyJCnvGfl1L2oM8X94MgXzHFmN%2F4XupsRPAYqVbFxeu0wA7vm9hYoLTOdg1FQcI6MMob0f0GSepokYOso6dm0M7nL0eIIWUb32fxHIvRr6TkuKPF2it6gy8%2Fw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1ddd1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2