Report - xomoquarry.live/?s1=350619&s2=861708570&s3=1363&s4=&ow=&s10=739

Report Overview

Submitted URL
xomoquarry.live/?s1=350619&s2=861708570&s3=1363&s4=&ow=&s10=739
IP
172.67.185.97
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-01 10:04:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.165.176.211
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.131
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	490 B	19 kB	142.250.74.163
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	729 B	23.36.76.226
event.trk-epicurei.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	983 B	2.5 kB	188.114.96.1
trk-epicurei.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	1.4 kB	188.114.97.1
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	66 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
xomoquarry.live	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	5.7 MB	104.21.84.29
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	43 kB	142.250.74.40
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	745 B	561 B	216.239.34.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f?_ax=w	Phishing
2022-12-01	medium	xomoquarry.live/inc/msg.js	Phishing
2022-12-01	medium	xomoquarry.live/assets/js/legacy/dist/common-hybrid.js?v=11e4e3becab4f419078ce633e967a699	Phishing
2022-12-01	medium	xomoquarry.live/assets/js/intl_functions.js?v=11e4e3becab4f419078ce633e967a699	Phishing
2022-12-01	medium	xomoquarry.live/assets/js/vendor/bootstrap/js/bootstrap.min.js	Phishing
2022-12-01	medium	xomoquarry.live/assets/js/vendor/jquery-3.4.1.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	trk-epicurei.com/scripts/push/v9e118mez8	6.9 kB	2023-03-08	2023-03-11
Pretty URL trk-epicurei.com/scripts/push/v9e118mez8 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:37:51 Last Seen2023-03-11 23:29:25 Times Seen1 Hash 21462559d0f088ee6fff9346dc74aa44 bf59728bf0e8207ac4bb25b8a74e80e8d72df376 6745ca7e5b3bbda5143038305bc1ec5648296f4dd1bbbdaa0f81b87ee35c9676 Loading...

	xomoquarry.live/assets/js/vendor/bootstrap/js/bootstrap.min.js	49 kB	2023-03-07	2024-05-10
Pretty URL xomoquarry.live/assets/js/vendor/bootstrap/js/bootstrap.min.js IP 104.21.84.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-10 20:03:31 Times Seen139502 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	xomoquarry.live/assets/js/functions.js?v=11e4e3becab4f419078ce633e967a699	495 B	2023-03-08	2023-08-14
Pretty URL xomoquarry.live/assets/js/functions.js?v=11e4e3becab4f419078ce633e967a699 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:54:18 Last Seen2023-08-14 23:36:19 Times Seen388 Hash fb55014af432c38a5538ca29395688b4 9ed666b6d0f3295a48197b436dcd3542d6285c5a 1889b6974dcdd299f94f8fbf28ac3b73ec7fc5be2dc1686bca0eef1aa0716eac Loading...

	xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f	2.2 kB	2023-03-11	2023-03-11
Pretty URL xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:29:25 Last Seen2023-03-11 23:29:25 Times Seen1 Hash 7de04f2aaefe20a6101a8bac5c80df75 346d3cc333ad50a67545247b002a4792e071402e 19ff868e241633114e3866e164e80c8b169b55b05021fad2348bda7c4b733f87 Loading...

	xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f	3.6 kB	2023-03-11	2023-03-11
Pretty URL xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:29:25 Last Seen2023-03-11 23:29:25 Times Seen1 Hash 0c89118acd2236ef0b66db9aebd14bd5 2442a7ab9219f1cdff4ee65ca33c30a2f8ed7a61 770ad2ecd339b5884ef356f35fbbcaae422240ad5acbfded8b453a889c899cb9 Loading...

	xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f	54 B	2023-03-08	2023-07-28
Pretty URL xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:54:18 Last Seen2023-07-28 17:48:52 Times Seen149 Hash 392a77e90f3120d95fa2eebbae38a55c ee8f2cdb9c7164c4e094aec229d2ef63f31a7cc8 cf7ab3a8736dfed8d7b404592133402827ae0da40db96f76f6a7700d90d373b7 Loading...

	xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f	341 B	2023-03-07	2023-12-29
Pretty URL xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:37 Last Seen2023-12-29 10:44:24 Times Seen220 Hash 72775142c49430dab89bed2a8f31a10c 4d179311b4dc0edde9f5d3459bef73646d5c09d8 f16dda1723701974b5baca11db5cc5e3d4bd02fa839bfd568219ceb38182660a Loading...

	www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c	218 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:29:25 Last Seen2023-03-11 23:29:25 Times Seen1 Hash 2b2c7b9637bd24cf251d92efd5d5e99c b809ebd4cdc9e7472024c90ce97c37001ad4a58d 67bebdec74239387ba9d8b9c77e7c14c30ae31885441ddec3b72244de6ed1b99 Loading...

	xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f	146 B	2023-03-11	2023-03-11
Pretty URL xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:29:25 Last Seen2023-03-11 23:29:25 Times Seen1 Hash b83f78444c2afccca11d1b6e6ca959e2 5a704ebac867c702fe3eaea08d80f05cf096db70 e15b662f2c02d557ba6a7d16efea65c75547040347e625cd5e4c8d15bd10f45a Loading...

	xomoquarry.live/assets/js/legacy/dist/common-hybrid.js?v=11e4e3becab4f419078ce633e967a699	92 kB	2023-03-08	2023-03-11
Pretty URL xomoquarry.live/assets/js/legacy/dist/common-hybrid.js?v=11e4e3becab4f419078ce633e967a699 IP 104.21.84.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:37:51 Last Seen2023-03-11 23:29:25 Times Seen1 Hash 964c5a34e01ffa2fdfa3d9ad34b9a522 249b0f2f06cb116d3b365364f08e5dc388a1a942 0e9dd5d71e646addac744033751051a5e9546389e97b55c78f7f62e273766901 Loading...

	unknown	0 B	2023-03-07	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-10 20:19:58 Times Seen37521664 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f	171 kB	2023-03-11	2023-03-11
Pretty URL xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:29:25 Last Seen2023-03-11 23:29:25 Times Seen1 Hash 5287e0805a0ab083ea5c4c8803cbcf56 5bc2bd9201a7398d62cf04199883f58832ee7b3a 7688793cf34d48450dd8acd4e25557ac0a732c1876f9ab795d8a389127bfd833 Loading...

	xomoquarry.live/assets/js/intl_functions.js?v=11e4e3becab4f419078ce633e967a699	3.6 kB	2023-03-08	2023-08-14
Pretty URL xomoquarry.live/assets/js/intl_functions.js?v=11e4e3becab4f419078ce633e967a699 IP 104.21.84.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:37:51 Last Seen2023-08-14 23:36:18 Times Seen456 Hash 2004898f32e28b8c06824cfd80398672 3dca965b6402a267d81dfb4651821641fbf955fe b45697b6ce0983415e685fe5d6d97d4c29add3149d16fcb61a0bad9a82e177d5 Loading...

	xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f	1.2 kB	2023-03-11	2023-03-11
Pretty URL xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:29:25 Last Seen2023-03-11 23:29:25 Times Seen1 Hash e76704641e75c285b42e23eb32e96bac cbfffe266ea7087823f42be61c57a638a79035ff e250b243578b482260966dbf3fa30dbb845beb1d81ee1f174389d61876fcbd9b Loading...

	xomoquarry.live/?s1=350619&s2=861708570&s3=1363&s4=&ow=&s10=739	1.8 kB	2023-03-11	2023-03-11
Pretty URL xomoquarry.live/?s1=350619&s2=861708570&s3=1363&s4=&ow=&s10=739 IP 104.21.84.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:29:25 Last Seen2023-03-11 23:29:25 Times Seen1 Hash cd63204aa7b9433fc1a02f184abd3e01 1f78befe98f86e8e173ce79acd9106c452d9039a 6e14122d8cd1ad32cb50929f60e10d3c203870a2bdc6aa0b797690f2f1fc8ff5 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX	108 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:29:25 Last Seen2023-03-11 23:29:25 Times Seen1 Hash de3e8c41fe65980a50d8d2dde4de0546 064f415e386799250242350458ca77766b203630 2d5c8ad9f34eac002929d2ec2763f91b7eec9ce3ae1a9940e054ca47e8be8ff1 Loading...

	xomoquarry.live/inc/msg.js#c5a60c0f07192c31f4e231f773b7b36b	942 B	2023-03-08	2023-05-25
Pretty URL xomoquarry.live/inc/msg.js#c5a60c0f07192c31f4e231f773b7b36b IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:37:51 Last Seen2023-05-25 20:39:12 Times Seen265 Hash 3215db822ee75e67867adaa962a2dc31 04cf772ea5495b1b79e2defebbd1fb52e5d08bbd 06c3f3452108be85c9304eb8e6fc6dc831534e12362cfd03afd47f4320f894a3 Loading...

	xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f	2.1 kB	2023-03-11	2023-03-11
Pretty URL xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:29:25 Last Seen2023-03-11 23:29:25 Times Seen1 Hash 807e55a58c7f9dede4ad7a6b159a370d 7fcdf8dbff5d682633da778527cbf2d5014d4d7a 4ded19505fd88bcaab96994cf7d08ca86afd21ffeb40210088deebeb82742c09 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 290419686c1205676ddc520eabbe4841	103 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 23:29:25 Last Seen2023-03-11 23:29:25 Times Seen1 Hash 290419686c1205676ddc520eabbe4841 ae21b4891e1bedd7f9e9bc21c09aa9a511391557 53123836f534b203e2f446214f85aea4029cbdd3580bceba7cf492fdee6a5d67 Loading...

	#2 Eval - e3fb5fa4c815aaa8a90185794c8f493f	362 B	2023-03-08	2023-11-24
Pretty Observations First Seen2023-03-08 15:37:51 Last Seen2023-11-24 18:14:14 Times Seen359 Hash e3fb5fa4c815aaa8a90185794c8f493f 092941e79fdce12d85f5518ab5eed88f94068b6b 5507efabceec1a54ed3dc4e899b6fa299532de2b50b1a01620a00a2d78363c85 Loading...

	#3 Eval - e99084b8b5347596b1766bc3ec3a16de	45 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 23:29:25 Last Seen2023-03-11 23:29:25 Times Seen1 Hash e99084b8b5347596b1766bc3ec3a16de 54cedb7b2246ce0f3ef668ccd25e877b078e72ce d98b913541d68e9c4f4ae5eac9eccc320f67894f66499a33adf66b15206b4e27 Loading...

	#4 Eval - f1c468f4bc474d948b70bca85eb38a16	349 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 23:29:25 Last Seen2023-03-11 23:29:25 Times Seen1 Hash f1c468f4bc474d948b70bca85eb38a16 3376f8e5fa43b1543e1cd5c4ca6963c86d0057a2 d9eb211c5cb239a2cbe8a46b1c012b25a191ac60d62f47fe8c1319c3a33c8a31 Loading...

	#5 Eval - f5f15d8e0f39d0e071c4936e8c76ef72	618 B	2023-03-08	2023-11-27
Pretty Observations First Seen2023-03-08 04:54:18 Last Seen2023-11-27 14:40:43 Times Seen426 Hash f5f15d8e0f39d0e071c4936e8c76ef72 ea813fa0a115e4cbc73af13a2605ca18e4671190 5b912060d7acff6378de3e84659b15a43157e618eea5add79d27501730f5ffd7 Loading...

		Size	First Seen	Last Seen
	#1 Write - a86f98cd05049b999d3bbcd80508d42b	44 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 23:29:25 Last Seen2023-03-11 23:29:25 Times Seen1 Hash a86f98cd05049b999d3bbcd80508d42b c7d04b183ad8dd31715cc6b85f8c99c62ebcd0f4 924ea480a63b1b6c666f2151f180ff74c81908864e474ea25b42c8b46eb937b1 Loading...

	#2 Write - cf7cdf41e57f0638d45f492ba2f0ae35	185 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 23:29:25 Last Seen2023-03-11 23:29:25 Times Seen1 Hash cf7cdf41e57f0638d45f492ba2f0ae35 c505f185bb5f1975e0632a5d9b0ee8c082a74cbb c481bb1a572cd1eaa77890625953eb141097a60e7185be9e69abf31d30228387 Loading...

HTTP Transactions (57)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10010
Expires: Thu, 01 Dec 2022 12:51:36 GMT
Date: Thu, 01 Dec 2022 10:04:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12987
Expires: Thu, 01 Dec 2022 13:41:13 GMT
Date: Thu, 01 Dec 2022 10:04:46 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1380
Cache-Control: max-age=89373
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:04:46 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 10:54:19 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: S+xbjKMmgxUvQZLlWRDl5Jhl0R2ug/gyBgdsBP72NXVEgluprJMMdFu60og8VMSG6mNy3Zx/2PQ=
x-amz-request-id: 0FXN26HAQ6B2BN0W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 09:45:37 GMT
age: 1149
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 09:19:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2700
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 10:04:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

xomoquarry.live/?s1=350619&s2=861708570&s3=1363&s4=&ow=&s10=739

104.21.84.29

200 OK

827 B

URL HTTP/1.1
xomoquarry.live/?s1=350619&s2=861708570&s3=1363&s4=&ow=&s10=739
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1804), with no line terminators
Size
827 B (827 bytes)
Hash
49edbc9bc2bf5713674cdd140bfb2e2e
69382afdde30e74bc39bb260568f39e97937e13f
78a9bc61cabceb19d5d566460e99d214cf15e87044d0651c16299f7f7488c1f5

HTTP Headers

GET /?s1=350619&s2=861708570&s3=1363&s4=&ow=&s10=739 HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZaFgtPyZVmEUjnbBPjK5E4mcX1YQ869f19A6U38etKaX%2Br5oEK%2FStkb%2FdqUeWlm2D7OdRG7P1HnpTDO3GPG86uQ5JeS3BEpFisn7DnOBoINL6ZhnzZ9FmNEXGax67n6JZU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b0022fb570b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 09:08:56 GMT
cache-control: public,max-age=3600
age: 3350
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1353
Cache-Control: max-age=170676
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:04:46 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:29:22 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

xomoquarry.live/favicon.ico

104.21.84.29

200 OK

1.7 kB

URL HTTP/1.1
xomoquarry.live/favicon.ico
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
1.7 kB (1702 bytes)
Hash
959c8301752d9dae8d7d178b6fe18cc4
5d585d9efde2ab963cc624d4d16dcac555eebf75
8ff025dc4f88df2b69948687aba576a8a74085a1b4e272915598171c3ff6f8cb

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:46 GMT
Content-Type: image/x-icon
Content-Length: 1702
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:46 GMT
last-modified: Thu, 29 Sep 2022 23:17:52 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPvrNNQY3ngFnPO%2FWUkqNew4VvEkRUeyyyffFWvHvX0Voj1ydqrgXvM%2BTtlIOGRQh6LKfkvHzKB9nSQtPlEF2hmGA2Fhr38lVFcZjCu4SuI38Ij5VsVWgd%2F7alIAKSX1urM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00275f280b49-OSL
alt-svc: h2=":443"; ma=60

push.services.mozilla.com/

35.165.176.211

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.176.211:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /4svOGGHbmuZXgOkZ9mzmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SKrQRw9gZnbjXwB2Z+FyQ85T9m0=

xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f?_ax=w

104.21.84.29

200 OK

23 kB

URL HTTP/1.1
xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f?_ax=w
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (61513)
Size
23 kB (22881 bytes)
Hash
6159ef1609baf91d48ea47939369427c
9b94842b5803c8eeca33db1106910f8df46574d9
09a4cccd16b6b366ac5332adcd7318e06367b101300ef56cc385a6141e8ce894

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /4caeb772a1ad4e8fdb784ce19c7e507f?_ax=w HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0c86HXCHVM3g2MhaCqiSee6oSbcXY%2Bjke0ZD%2FHdI4CVYtdPEWQPD83tSrdQSnjrNt8sKQOWUvGA5M5xGf21Yherplmbrktw7%2BVQKqnUXL3X2fdTTHMDWHG5m%2FKDOq0I5u64%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b0026cc44b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:04:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX

142.250.74.40

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
42 kB (41859 bytes)
Hash
3ab3b0f394b010f6357f9a9743e8896d
e77e77d34a604937cc056d625cbe1838a8a6c014
09c4b2fd56bee9573e178fe89ac7aa8ae659524ae7fd095b28ca5489008874f9

HTTP Headers

GET /gtm.js?id=GTM-M5FVHZX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 10:04:47 GMT
expires: Thu, 01 Dec 2022 10:04:47 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41859
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:04:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

xomoquarry.live/inc/msg.js

104.21.84.29

200 OK

450 B

URL HTTP/1.1
xomoquarry.live/inc/msg.js
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
YAC archive data\012- , ASCII text
Size
450 B (450 bytes)
Hash
ccd1e670cf3e585961dc2814b75b8a14
4e68d218d63cb2aed4df6a1958b19156f3b88eda
42379dacfe8f57ac955c63ed76aef9eadbbd59eede78b7cad5dcefc91eca7d88

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /inc/msg.js HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:47 GMT
Content-Type: application/javascript
Content-Length: 450
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Thu, 20 Oct 2022 12:25:37 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3TRDk006b1wmom0JPiDaM199Ot66WUWeF4xhS2xEgJ6JOHvUAm4pkMCbGD%2FddS%2FMfffOPZc8jwEonUkzflGCWVlVqBpQXmqMib43f5j7RUQ%2Bd2ZnVlFMu8MW3Fq2yn7y%2Bc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b002bfb17b4ff-OSL
alt-svc: h2=":443"; ma=60

xomoquarry.live/assets/js/vendor/bootstrap/css/bootstrap.min.css

104.21.84.29

200 OK

22 kB

URL HTTP/2
xomoquarry.live/assets/js/vendor/bootstrap/css/bootstrap.min.css
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65325)
Size
22 kB (22295 bytes)
Hash
2d8dd73cb1b73b77d7acfe86af6085f5
5759e40d0959e322c96c397e83a5e0136b55d180
932b42dfced279c535ac5f2f1f1a62d7296f43853c4e03dc8e86049174b4982a

HTTP Headers

GET /assets/js/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Tue, 23 Mar 2021 22:52:06 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQfH8fJrOxvV2bEoJnAGdwiLn9ZWh9iJ6NJAhYEObLzCsEUtzhM%2BTlNkMRIShtk5v6C7F5gnladZ3pGEsawDtwNtbJ4o8eAnq%2ByRCUKwGOOhY5U5I38lLQOGt9uhBH7jcrM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1de01c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xomoquarry.live/assets/css/legacy/1.3.css?v=11e4e3becab4f419078ce633e967a699

104.21.84.29

200 OK

2.1 kB

URL HTTP/2
xomoquarry.live/assets/css/legacy/1.3.css?v=11e4e3becab4f419078ce633e967a699
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
assembler source, ASCII text
Size
2.1 kB (2111 bytes)
Hash
45b3ed4f433b165c383deb192e8c876c
d31e9d19fd7842d7194a3dfb4ba3d4d225a1b88e
213d65dce37455d6c05389d6f14358da9d52c918cb129858da994ad9dbc37852

HTTP Headers

GET /assets/css/legacy/1.3.css?v=11e4e3becab4f419078ce633e967a699 HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Fri, 08 Oct 2021 15:59:38 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Sqz8O7QK%2FeffZHJ8AWaPsHZKaAehVCvGHXT14UIoM1D0iTVjJMFZrnrMi04VuClm4mK%2Fv9vdHJBKqMZQaNoK27%2BgbDBkYDVuhk6RtCBiRBWgYiWu7SGSGvpQqs59uoc3Ig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1ddc1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xomoquarry.live/assets/js/legacy/dist/common-hybrid.js?v=11e4e3becab4f419078ce633e967a699

104.21.84.29

200 OK

20 kB

URL HTTP/2
xomoquarry.live/assets/js/legacy/dist/common-hybrid.js?v=11e4e3becab4f419078ce633e967a699
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
20 kB (20100 bytes)
Hash
c0e0c3ff2c00baf9a74414527b56951f
fa4ad3885fbf034fa1d2a55ddb776e6b0f6fa274
1a043f2416b572c52c2b2c7c06e6e98c9a2929b3c226b9e9fc291cb7554726dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/legacy/dist/common-hybrid.js?v=11e4e3becab4f419078ce633e967a699 HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Thu, 10 Nov 2022 20:23:29 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UikI3MH5wG0D56DYEdgAYiHcMAEB4Cwqp0maxKzK0p34exIkegd6%2FZFgM5N%2FMgoJ5NgKpEjrVcDmeZmeUfMN1U6qFCp6JQwFBmi1e4oWOhCzdw5B4eOBwMxfLN%2FQmz%2FpobM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1ddb1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:04:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:04:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2

142.250.74.163

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 18260, version 1.0\012- data
Size
18 kB (18260 bytes)
Hash
6dea752293556883fdae057d588b0bb1
e4d090e03bb920f5ddf7b09937428b2a0a2a9ee0
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0

HTTP Headers

GET /s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://xomoquarry.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18260
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 17:03:36 GMT
expires: Fri, 24 Nov 2023 17:03:36 GMT
cache-control: public, max-age=31536000
age: 579672
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
08d0b3a59339bb3c4aaa46d0489b9eb8
1290f4282c5d08e383c178b083022be9cdee6029
9798f1a7f313b6521ba3cc70a0d4bda8d18c35194151c726761ebb44f4d748db

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9798F1A7F313B6521BA3CC70A0D4BDA8D18C35194151C726761EBB44F4D748DB"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16651
Expires: Thu, 01 Dec 2022 14:42:19 GMT
Date: Thu, 01 Dec 2022 10:04:48 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:04:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.google-analytics.com/g/collect?v=2&tid=G-DKB9VH2QW4&gtm=2oebs0&_p=476273289&cid=1637113895.1669889086&ul=en-us&sr=1280x1024&_s=1&sid=1669889086&sct=1&seg=0&dl=http%3A%2F%2Fxomoquarry.live%2F4caeb772a1ad4e8fdb784ce19c7e507f&dt=%5B1%5D%20Bel%C3%B8nning%20venter%20-%20Online%20Survey%20-%20Vi%20%C3%B8nsker%20din%20mening!&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-DKB9VH2QW4&gtm=2oebs0&_p=476273289&cid=1637113895.1669889086&ul=en-us&sr=1280x1024&_s=1&sid=1669889086&sct=1&seg=0&dl=http%3A%2F%2Fxomoquarry.live%2F4caeb772a1ad4e8fdb784ce19c7e507f&dt=%5B1%5D%20Bel%C3%B8nning%20venter%20-%20Online%20Survey%20-%20Vi%20%C3%B8nsker%20din%20mening!&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-DKB9VH2QW4&gtm=2oebs0&_p=476273289&cid=1637113895.1669889086&ul=en-us&sr=1280x1024&_s=1&sid=1669889086&sct=1&seg=0&dl=http%3A%2F%2Fxomoquarry.live%2F4caeb772a1ad4e8fdb784ce19c7e507f&dt=%5B1%5D%20Bel%C3%B8nning%20venter%20-%20Online%20Survey%20-%20Vi%20%C3%B8nsker%20din%20mening!&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://xomoquarry.live
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://xomoquarry.live
date: Thu, 01 Dec 2022 10:04:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12437
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 10:04:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12437
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 10:04:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12437
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 10:04:48 GMT
Connection: keep-alive

xomoquarry.live/fim/739-NO/7fd43f70868e0c0a81a70d4d84fba804.png

104.21.84.29

200 OK

14 kB

URL HTTP/1.1
xomoquarry.live/fim/739-NO/7fd43f70868e0c0a81a70d4d84fba804.png
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (13773 bytes)
Hash
d1bb2f4eeba183056e73d1c95eb72a3d
4c21008a7372c25f3268fc1294f49d72c4e9e5a7
09e5067a2af7892c98861bc70f0d531dfa734e434371c528dc16a0a388d8c27a

HTTP Headers

GET /fim/739-NO/7fd43f70868e0c0a81a70d4d84fba804.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 13773
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FG49benDScIq4KlGhuMLgSRtkRjy9a05ndTXAnYwX9jvuL1s8Z6mjI9pPVm6FdDtLKcfkxO4dgaxw04FUrvgOb8ylujsV%2FaZ5LOtny9g%2BZV5nkRV%2ByPjGTEFYTTPrm8JGM8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00309fb50b49-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12437
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 10:04:48 GMT
Connection: keep-alive

xomoquarry.live/fim/739-NO/6e36e337ef3f9fecec83130728059c74.png

104.21.84.29

200 OK

8.0 kB

URL HTTP/1.1
xomoquarry.live/fim/739-NO/6e36e337ef3f9fecec83130728059c74.png
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 124 x 123, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (8047 bytes)
Hash
3aa5f4a85f723c846f9adae3ced23e36
b8b9d59b51d024b787c979bc47fceb7fbde67f8a
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2

HTTP Headers

GET /fim/739-NO/6e36e337ef3f9fecec83130728059c74.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 8047
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOnvNtVjJvWA1qQ8iNWn21FdKorT2WAnoq0r3W3OgvFbgtwKRopRENRTs%2BN3qTy7EmV0i%2BZxwgHcRKGNChbsk5X5%2F8tmK%2Bt6nsghkN1r5OcUe2QLjQBXIe7U1AfljgGQbYs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b003098edb51b-OSL
alt-svc: h2=":443"; ma=60

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9459 bytes)
Hash
e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: 9e243a73-18ff-4abf-9b9c-442719960125
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpppFXjoAMFehg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bca3-47620f39181264772d2fb52d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:13:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _v5hatZyEWVRB4Tebygbb-QfE02oaFxE8CRfQsUY7I_ektxE3YeIpw==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 17:08:01 GMT
age: 61007
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

xomoquarry.live/fim/739-NO/edd84d852c4bc7c6a174922b64f37da6.png

104.21.84.29

200 OK

1.7 kB

URL HTTP/1.1
xomoquarry.live/fim/739-NO/edd84d852c4bc7c6a174922b64f37da6.png
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 51 x 51, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1714 bytes)
Hash
638c9f9cfb95a3aa955bb8beb850488b
10aaa884d8e76b320424c930e1838e875744242c
4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d

HTTP Headers

GET /fim/739-NO/edd84d852c4bc7c6a174922b64f37da6.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 1714
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c58TJ%2Fed3eDxjKT62yelz9xh6ZZUl9rZ9QnliGjz%2FgY8wgPc66RYrnEXgj1HXOHE%2B%2Bz929tSfYYCKYiGTwV9wIQk0wdRIThu8v6Q9bakQSMPm3jwJe5Iw%2BAAMqeQNa%2B78NE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00309c45fabc-OSL
alt-svc: h2=":443"; ma=60

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F350e8884-8903-4779-8a0c-bb74e9168bfb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4199 bytes)
Hash
4fd5f7a9e04d27654062b3e18b8aecca
07fafbd614cdb49f20bceea29d5e684725d3bdf6
0cb64a9a33f66b92eed5a591b6c368f3d74363941d8876e553a8ea6aaa547590

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F350e8884-8903-4779-8a0c-bb74e9168bfb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4199
x-amzn-requestid: 61981ad5-3560-43e1-a1cd-37f823e89675
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQxoEz5IAMFzQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c80a-291574e42bee51b2523b3920;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fL5AwXN4Kitj3BB3DyYyYfFYk3GRgLvhNNTiQKrDcxPR6mkfzyUuzQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:05:04 GMT
age: 43184
etag: "07fafbd614cdb49f20bceea29d5e684725d3bdf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12898 bytes)
Hash
820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kZfRQsF_Fo2UtTqK0ByOPeQK-IzTQO9JtTmxIMlapmsd93SJk_4VYw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:47:30 GMT
age: 44238
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12035 bytes)
Hash
acffcb88ce68b2d70c9c046a7b5a4aa8
cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1
692d782ac1d812de6dadbcfe46034b6b5d8bbd586e56beedd96dc4d65445dd4c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12035
x-amzn-requestid: 2711a135-b390-43ef-9e95-92438058bc27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz81FIpIAMFs9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-742f7f293df074340ab6a217;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ygs-Qd7UU_k4t4_breZTyqkHqGjJzlH1UMa9ncww5_IGpJ1n781jfg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:51:55 GMT
age: 43973
etag: "cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12437
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 10:04:48 GMT
Connection: keep-alive

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:43:35 GMT
age: 40873
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16038 bytes)
Hash
ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 43968
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

xomoquarry.live/fim/739-NO/0310358bb94be6e1b98493450c0c1ef9.png

104.21.84.29

200 OK

42 kB

URL HTTP/1.1
xomoquarry.live/fim/739-NO/0310358bb94be6e1b98493450c0c1ef9.png
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1302 x 276, 8-bit/color RGBA, non-interlaced\012- data
Size
42 kB (41556 bytes)
Hash
2e83a25d5c3a76df81898c86384ac584
f64b7460eac72c1f9a54ed66e8a4bb1b0a029e5b
6659b4426a9dba95133c0e3b27b5d952d6cc1e574b88640a7e7bcec354d902c1

HTTP Headers

GET /fim/739-NO/0310358bb94be6e1b98493450c0c1ef9.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 41556
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pU1lXDYneLQvihUQKseUPq3%2BEhfRT2Cj7pH%2FhuJZzBzudeZnPGCegtpT1XWmW0RvjGuOcx7VwzyaskZwJHSWWX6hS5%2ByzT0UUrYFJanvjIuY4yPA4LnDI%2BlpblQH1o1ILWQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00309fffb4ff-OSL
alt-svc: h2=":443"; ma=60

xomoquarry.live/fim/739-NO/eb8ccce1e910ffb724a360c42a789493.gif

104.21.84.29

200 OK

16 kB

URL HTTP/1.1
xomoquarry.live/fim/739-NO/eb8ccce1e910ffb724a360c42a789493.gif
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 100 x 100\012- data
Size
16 kB (15537 bytes)
Hash
45f10d30ce7014885a2d438941a16d3a
aceaef7a0d9d282a7272eb85f70030460a067fc6
9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1

HTTP Headers

GET /fim/739-NO/eb8ccce1e910ffb724a360c42a789493.gif HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/gif
Content-Length: 15537
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJNm3tBcXD1Cal2orz00utoACvZKLRYzhUP6YTk2CiYtNVtrb9QXP6UgqM2PBXyNmCyAF2yoXC0UTzCndKCUQFDYb7hfUlTkrm%2Fi%2FjQco3DchKWvFPwcCJKYHxPCfiL7kj4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00309c12b4fa-OSL
alt-svc: h2=":443"; ma=60

event.trk-epicurei.com/register/event_log/v9e118mez8

188.114.96.1

200 OK

0 B

URL HTTP/2
event.trk-epicurei.com/register/event_log/v9e118mez8
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /register/event_log/v9e118mez8 HTTP/1.1
Host: event.trk-epicurei.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://xomoquarry.live/
Origin: http://xomoquarry.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:48 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: http://xomoquarry.live
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0eLv%2BoOPQgQSOlEYzkOnPRAoWciQipkjz8TRcVzhCMx7qHW%2FTB7Q9x61Ilc4NRkF3r09XTRXMH92tUJJFhNufphm7mrZMH3zl694ftOr6ddjj8lqOvDDQJXNft9LiMsniccEcWoTVP3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b0031fbe2b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xomoquarry.live/fim/739-NO/2b20fee386cbf813572657a384ad930e.png

104.21.84.29

200 OK

67 kB

URL HTTP/1.1
xomoquarry.live/fim/739-NO/2b20fee386cbf813572657a384ad930e.png
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 224 x 225, 8-bit/color RGB, non-interlaced\012- data
Size
67 kB (66949 bytes)
Hash
4970f6e81fd09a18580913369e9a292e
f3754d6af0fbdd94f5860b07b2b18dcb44ec56cc
478e5c20c11f79bba6cbc45ff59f2d7fc83572bee66e38fc65de1b84a7a21911

HTTP Headers

GET /fim/739-NO/2b20fee386cbf813572657a384ad930e.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 66949
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 10:04:46 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrDzP296mvmMXrU8AZNf3mFkHXrmp7BA6LspD6dQH0G4lfwOrEFmyhHYPD4Dl1cPVD0rt7Jv2tA75ok3XPjiMnHnCoNyQW8dk200OfwIpLmLH9NhdrY0gATdRPRzI5BzbB8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00309f04b4ed-OSL
alt-svc: h2=":443"; ma=60

event.trk-epicurei.com/register/event_log/v9e118mez8

188.114.96.1

200 OK

0 B

URL HTTP/2
event.trk-epicurei.com/register/event_log/v9e118mez8
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /register/event_log/v9e118mez8 HTTP/1.1
Host: event.trk-epicurei.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://xomoquarry.live/
Content-type: application/json
Origin: http://xomoquarry.live
Content-Length: 103
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:48 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params: 
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: http://xomoquarry.live
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUfYsOFHZfuL2o5zh14%2BCAl5jt1ttgYGgsvWdAncejtPVj8cW9VSfk2WwdHlYnR%2FQix2F3rwVSSJFJ7GYw0ZjKMF3mDvEKBlszUEkGmBMp%2BC%2FgtFihxk5gbYoNWvhdeffCsX2ocZRc0m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b00335dd7b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xomoquarry.live/fim/739-NO/5313410828640aa0ff4f6269f4e26597.png

104.21.84.29

200 OK

17 kB

URL HTTP/1.1
xomoquarry.live/fim/739-NO/5313410828640aa0ff4f6269f4e26597.png
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1920 x 51, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16848 bytes)
Hash
cb0c4933835ef7b5ee5a98ce9a9316db
6e48501c1c2772ebe538efa99121b5f9a5b94dc5
ff3454175fa49d97024781237126ecd082382b28c9a5576505ff38a2785ab037

HTTP Headers

GET /fim/739-NO/5313410828640aa0ff4f6269f4e26597.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 16848
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0%2F%2Bh5RjDuzfkQtz37YQfIAg%2Ba0hlw7q1Hl3hoScQhZRaKZ2W4iB4A3OlxJNLiD%2F54VwFhFw%2FU9Z5eJ5sNqh7uGo2g9X6aRkeLKNM89xCc4MqwIJ24hJuK15hGFXsX5slP0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b003249440b49-OSL
alt-svc: h2=":443"; ma=60

xomoquarry.live/fim/739-NO/edf52100adf33f49d7594281a6f88c0d.png

104.21.84.29

200 OK

1.4 kB

URL HTTP/1.1
xomoquarry.live/fim/739-NO/edf52100adf33f49d7594281a6f88c0d.png
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.4 kB (1385 bytes)
Hash
f80d76962e5d09440f1bfea32392c735
67d16c116d0e17684d21f74ab7959728dcbe44b4
0ad0615765bf17bdb85ae307eb8f9eee2e1fb0b600117bdd991a1efe9c834078

HTTP Headers

GET /fim/739-NO/edf52100adf33f49d7594281a6f88c0d.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 1385
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 10:04:46 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXuCFUZYz6jyqRHoqr9UyMoJsubBx01ONdsrfFlZAnTlGWrSr9p2Dhw6wnDCWh8lKVjww4gkm%2FBNWMR4N%2FKEXzutqioG2n%2FQ1NXQaV9tGGMHdb9%2F%2Blw9N%2Bcn9eSq2Cr9WVM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b0033db12b4ed-OSL
alt-svc: h2=":443"; ma=60

xomoquarry.live/fim/739-NO/b35d4ff35881cb1bf086b56b5c50c48c.png

104.21.84.29

200 OK

440 kB

URL HTTP/1.1
xomoquarry.live/fim/739-NO/b35d4ff35881cb1bf086b56b5c50c48c.png
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 409 x 389, 8-bit/color RGBA, non-interlaced\012- data
Size
440 kB (440312 bytes)
Hash
859c164c48841d1338721ef81f082275
87ad93db746199fdc2b84f7d7b83d45ba35d893e
38d20c937746ce10d7624256299bcc9fac8f77e490507bac0c3d98324b0612fb

HTTP Headers

GET /fim/739-NO/b35d4ff35881cb1bf086b56b5c50c48c.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:48 GMT
Content-Type: image/png
Content-Length: 440312
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 10:04:46 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuokHc75OfiolTnCgzxYlQAWToR2fAr1fyBXsFrxwtVfAKa9c9PO5EeXb8StxRfLRaxcm7nI6MxVTOTZ3NA0sCybbDrKs2%2F654rBaE6oWbjCEqxTh9lOIsCWOq%2FOQNQS7bI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00330bb3b4ff-OSL
alt-svc: h2=":443"; ma=60

xomoquarry.live/assets/css/legacy/dist/common-hybrid.css?v=11e4e3becab4f419078ce633e967a699

104.21.84.29

200 OK

848 kB

URL HTTP/2
xomoquarry.live/assets/css/legacy/dist/common-hybrid.css?v=11e4e3becab4f419078ce633e967a699
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (25017)
Size
848 kB (847890 bytes)
Hash
6a8ebc48a1e0a31b7de2565959aa0253
0bab29d691fe51e84a33df828979b2354af3f864
16e6ae2a9c907662623f65321eea9abc7c4266240627914bdf55c87baeb67686

HTTP Headers

GET /assets/css/legacy/dist/common-hybrid.css?v=11e4e3becab4f419078ce633e967a699 HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Thu, 17 Nov 2022 22:46:26 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzSPfi%2FMazBwgrvtmD0StmzlNono2WZR%2B%2FHPD3ddlhqJcwrzddZlspyYg23P5zktgesEezR6SEW8AhnckxwBy2YXLuqasmDE8VdZPnh5QGn5%2BfRPJFJjQ83CSvrGTDt0IM8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1de11c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xomoquarry.live/assets/js/intl_functions.js?v=11e4e3becab4f419078ce633e967a699

104.21.84.29

200 OK

1.4 MB

URL HTTP/2
xomoquarry.live/assets/js/intl_functions.js?v=11e4e3becab4f419078ce633e967a699
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.4 MB (1448085 bytes)
Hash
41a07b8a58da1e9feb1ec7a90eb9a058
faf4d75d4990f5138c499b06e068883985f3eafa
3c5fd35be2e5c062a82f909797d626866f695ad98ce84cde1240534b516ffbb5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/intl_functions.js?v=11e4e3becab4f419078ce633e967a699 HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Mon, 26 Sep 2022 20:48:44 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpfx1EjS4t1ZTn4rvyptJQGBpZT6Y6IRlwW2Gbxsw57j0eKlhITSV2YiTVxeNnFrFt2PO9Zx0y5nDNTiLXhtpSn0o9iQEcla0RyXou7OzxfWt3Cy2oUwmh0k7MnN1Ftigic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1dda1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xomoquarry.live/assets/vendors/fontawesome/css/all.css

104.21.84.29

200 OK

1.4 MB

URL HTTP/2
xomoquarry.live/assets/vendors/fontawesome/css/all.css
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.4 MB (1383650 bytes)
Hash
54f5634cf040839a19be7e71bdbd2274
114c11e4e10fd22729485e59904f03085f0a86b4
d0c27d79e750bc8f87f0bbf44a0a1c4b56065c9c80dab7ee0489bb28747b014a

HTTP Headers

GET /assets/vendors/fontawesome/css/all.css HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Mon, 19 Jul 2021 19:00:02 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8lb0Xj3qKYAMUYA8%2F%2BgEFC5qW14OichNBnrHg668GhszPCknV4gPV%2FoHpzNqRId1ekMlXG2TqybiBECPzZJtcXUjvFL%2FWcY2%2FyACO8DNjYZucUrz6IOpDILEqmKP2GhIL8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1dd81c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xomoquarry.live/fim/739-NO/6ecd116032ec7f7b6c14dbd555a02693.png

104.21.84.29

200 OK

5.4 kB

URL HTTP/1.1
xomoquarry.live/fim/739-NO/6ecd116032ec7f7b6c14dbd555a02693.png
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5389 bytes)
Hash
9b5c6ba6189f312f9f518255825b9028
1133590edc6e0e951329c6c8a9f96627e28cc915
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120

HTTP Headers

GET /fim/739-NO/6ecd116032ec7f7b6c14dbd555a02693.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:49 GMT
Content-Type: image/png
Content-Length: 5389
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:49 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcD7l5NjG0Gwf%2BSr97eMDgkZxCjsF%2BFBXxoAaatdSPKJb%2BzDoVj8kLJtg5qt66W6rhmk1zzLKGz9UHOzaFRWpi1rsudrAeJ%2Ff%2BJCYmcjw6zz4TeecQI4vJdwJiMsMJ3cpV4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00382a4eb4ff-OSL
alt-svc: h2=":443"; ma=60

xomoquarry.live/fim/739-NO/d6309a64fbe1fe63c8ba34d9dda4a32e.png

104.21.84.29

200 OK

414 kB

URL HTTP/1.1
xomoquarry.live/fim/739-NO/d6309a64fbe1fe63c8ba34d9dda4a32e.png
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 380 x 440, 8-bit/color RGBA, non-interlaced\012- data
Size
414 kB (414206 bytes)
Hash
bdde172bc48180ddf3c9b7a9f2606760
b2d13a945a2b0b5785f543268c313fca148e1a97
ba98eecff8a45afcc8b229c02fa6eefff2f42f467c65298a1816a0e16318c2f7

HTTP Headers

GET /fim/739-NO/d6309a64fbe1fe63c8ba34d9dda4a32e.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:49 GMT
Content-Type: image/png
Content-Length: 414206
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:49 GMT
last-modified: Thu, 01 Dec 2022 10:04:46 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=miHAoivJwE9NDD1uBDLe7vIUMt4mPDML5qXo4QC2Pc1nChd0SFFb8IzjU2deGTxSDoE2VH8nb9LbblFX5XuHhFFoNig6sKbZ9J3XoMNwZD0QkfH0vsKoYjnoRGffTojXIg4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b00358d1db4ed-OSL
alt-svc: h2=":443"; ma=60

xomoquarry.live/fim/739-NO/1d0a1b7fd7f4f9a7a5cccf5998a28367.png

104.21.84.29

200 OK

858 kB

URL HTTP/1.1
xomoquarry.live/fim/739-NO/1d0a1b7fd7f4f9a7a5cccf5998a28367.png
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 900 x 900, 8-bit/color RGB, non-interlaced\012- data
Size
858 kB (857921 bytes)
Hash
a2917b767acbf9e968d1bb3878d619fa
75cd32978cbb0d96326eb7a13c9c2d0c1373aec7
3b81b0cae76e02e47a8b289ab7872381601919ba728e6a655482a4d304b08192

HTTP Headers

GET /fim/739-NO/1d0a1b7fd7f4f9a7a5cccf5998a28367.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:49 GMT
Content-Type: image/png
Content-Length: 857921
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:48 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdIWwVeCFTI%2By6JZmDSRle4FZSFTL86mIVtL261O8BSaPTlQOZuK%2FVW%2FKgQSb3EEDBZCk6CJoSLpewePNmgLq920aPuZnWimD22pVijKVjb%2FdSaSejp1cSPzXZXYWVxqxCA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b0034bc950b49-OSL
alt-svc: h2=":443"; ma=60

xomoquarry.live/fim/739-NO/e3f4b5b4efc72849b62a03e8a7f3d83e.png

104.21.84.29

200 OK

45 kB

URL HTTP/1.1
xomoquarry.live/fim/739-NO/e3f4b5b4efc72849b62a03e8a7f3d83e.png
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 219, 8-bit/color RGBA, non-interlaced\012- data
Size
45 kB (45013 bytes)
Hash
795beb895ed7a45b47ecafd22dca0922
baf5bd0de1c1027369ebf705dfb9fabaee8db492
c58ad513bf792848e8df90c0c7339ee9720b9b9487f2bf2268a2ae94d53f3e32

HTTP Headers

GET /fim/739-NO/e3f4b5b4efc72849b62a03e8a7f3d83e.png HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xomoquarry.live/4caeb772a1ad4e8fdb784ce19c7e507f
Cookie: PHPSESSID=0ab285dbc8add8bdf56771b63474d21c; _ga_DKB9VH2QW4=GS1.1.1669889086.1.0.1669889086.0.0.0; _ga=GA1.1.1637113895.1669889086

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:04:52 GMT
Content-Type: image/png
Content-Length: 45013
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:51 GMT
last-modified: Thu, 01 Dec 2022 08:59:19 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent,User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFIppEq%2BKyMDFlaYrPGot%2BRtzJN2zy7i5u%2BV%2BVX2BPjGfR8e3rfHkCZWze4%2FcwLx2GqbIAvLunr0UmImkMW2aDfTJnO%2F%2FXHzgudSVyHfkdWdKNwHVByF1rPyRy3Dq%2BXAFr0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772b0045faf3fabc-OSL
alt-svc: h2=":443"; ma=60

trk-epicurei.com/scripts/push/v9e118mez8

188.114.97.1

200 OK

0 B

URL HTTP/2
trk-epicurei.com/scripts/push/v9e118mez8
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripts/push/v9e118mez8 HTTP/1.1
Host: trk-epicurei.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:48 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6WlP3edb1R%2BrnzTiVAhWRApLC9Hm4sdpDyVjAUFXelj7lzpf7wjDcv5hbTZ0scoZttmr8qaobW00AradFPsaBNvPLfI8jUDMGBuEAFhLt2V970QRNsXYUOSib%2BzNwU%2BFCVi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002fc8c21c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xomoquarry.live/assets/js/vendor/bootstrap/js/bootstrap.min.js

104.21.84.29

200 OK

0 B

URL HTTP/2
xomoquarry.live/assets/js/vendor/bootstrap/js/bootstrap.min.js
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/vendor/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Tue, 23 Mar 2021 22:52:06 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTjiWzwWEQf%2BPWjFT%2Fg%2BaovbvVqE8tPLsfgXBkliVcXJkik0O9xIHSq5v2WPzu7O78h2k%2BZNLwvsgo70N56tPxK0AmX2KhyeZjZQLl9SXx579R%2BrEPgUyjA2jGGrhv9ej%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1ddf1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

xomoquarry.live/assets/js/vendor/jquery-3.4.1.min.js

104.21.84.29

200 OK

0 B

URL HTTP/2
xomoquarry.live/assets/js/vendor/jquery-3.4.1.min.js
IP
104.21.84.29:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/vendor/jquery-3.4.1.min.js HTTP/1.1
Host: xomoquarry.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xomoquarry.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 10:04:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 08 Dec 2022 10:04:47 GMT
last-modified: Tue, 23 Mar 2021 22:52:06 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaFlFCq2EMRyJCnvGfl1L2oM8X94MgXzHFmN%2F4XupsRPAYqVbFxeu0wA7vm9hYoLTOdg1FQcI6MMob0f0GSepokYOso6dm0M7nL0eIIWUb32fxHIvRr6TkuKPF2it6gy8%2Fw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b002c1ddd1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations