quivomira.work Open in urlscan Pro
2606:4700:3030::ac43:ba7e  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response quivomira.work/	3 KB 2 KB	1992ms 939ms	Document text/html	2606:4700:3030::ac43:ba7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quivomira.work/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:ba7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3655220754404e3c5cb78464f5d83f905a52af1954c7b8bb98a3582c3722f10a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f05c7292df00f5d-EWR content-encoding zstd content-type text/html date Wed, 11 Dec 2024 13:21:28 GMT last-modified Thu, 28 Nov 2024 10:06:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NBJjJuEChdNWBHWT%2Ft5Cns9VEetDN1AnDDSO33O%2FbAHE5pdP9y6XuNEpWkdqUyUbtGjoLJNDXudQWvFLTIgXs%2Bfqxl5pXroAflcOXV7YTU99H97feEi6zkZ%2BmqB4lCZXvQztOABqOAlBHcv7sg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=198264&min_rtt=141812&rtt_var=79841&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4211&recv_bytes=4473&delivery_rate=81&cwnd=12000&unsent_bytes=0&cid=581196883f0f042d&ts=1390&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding
GET H3	200	redirect.js Show response quivomira.work/	325 B 895 B	1041ms 1014ms	Script application/javascript	2606:4700:3030::ac43:ba7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quivomira.work/redirect.js Requested by Host: quivomira.work URL: https://quivomira.work/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:ba7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://quivomira.work/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"674840b0-145" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8H%2FBLKWuHGSxpNsma5kqaaFI0yhMmriiQ%2BH5bCotDaawEPzLps1B%2FW5Mp5Fspa%2FI758aHispcWC%2BceuWdBQprA976yM1UdS4ynoTp68moiXB%2FmqDWHYr9hZFSgpF63VHbbWUr8M3mivBxy6%2BRQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f05c7317d6b0f5d-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=231389&min_rtt=141812&rtt_var=126130&sent=16&recv=13&lost=0&retrans=0&sent_bytes=6627&recv_bytes=4803&delivery_rate=5163&cwnd=12000&unsent_bytes=0&cid=581196883f0f042d&ts=2740&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 13:21:30 GMT content-type application/javascript last-modified Thu, 28 Nov 2024 10:06:40 GMT vary Accept-Encoding priority u=1,i=?0
GET H3	200	main.d54bfa037348b154a941.js Show response quivomira.work/	290 KB 111 KB	1013ms 1012ms	Script application/javascript	2606:4700:3030::ac43:ba7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quivomira.work/main.d54bfa037348b154a941.js Requested by Host: quivomira.work URL: https://quivomira.work/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:ba7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c70083f389a2fafc6a5f3c35179243623b4416cab07a1c6ce08d3f7c1ddb2ae Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://quivomira.work/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"674840af-48637" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7DuXNziaKTi18G0hAE9UVFaIHu878kWNBm5x%2Fg676%2F2dH9Hkfh2eUiMnIZthDyRKxuhcwURdHqksF%2F83frkdOV3W04iqGR2f%2BDDO3DBs1flRel2aYJ9JwOA3qut03ZytLV2kWikCdKPGClNn%2FA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f05c737dcd80f5d-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=267155&min_rtt=141812&rtt_var=166129&sent=32&recv=18&lost=0&retrans=0&sent_bytes=19640&recv_bytes=6002&delivery_rate=930&cwnd=12000&unsent_bytes=0&cid=581196883f0f042d&ts=4025&x=1", cfExtPri, cfHdrFlush;dur=23 date Wed, 11 Dec 2024 13:21:31 GMT content-type application/javascript last-modified Thu, 28 Nov 2024 10:06:39 GMT vary Accept-Encoding priority u=3,i=?0
GET H3	200	main.949acaf34f3882f511ff.css quivomira.work/	111 KB 27 KB	1005ms 1004ms	Stylesheet text/css	2606:4700:3030::ac43:ba7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quivomira.work/main.949acaf34f3882f511ff.css Requested by Host: quivomira.work URL: https://quivomira.work/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:ba7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5e81ea05db27d47fa91e6bd4d675cc1c8eeec9341a4db7859359a7c5ee5fca3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://quivomira.work/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"674840af-1ba95" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTrg9xnt9wlAqQoHZCPbW7IMq4oT0GtfCIquPR3qVAPWS%2F2pJPlf224Fn0%2BiVlx7oGcW3V6uvJvspDoWqcgHkrKxJRV2IvAlrROwCCIj5VrE7yuxPdkXSSePtSMIOfT66bvo9YXC%2BJd8cqnHrw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f05c737dcd90f5d-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=267155&min_rtt=141812&rtt_var=166129&sent=23&recv=18&lost=0&retrans=0&sent_bytes=9366&recv_bytes=6002&delivery_rate=930&cwnd=12000&unsent_bytes=0&cid=581196883f0f042d&ts=4010&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 13:21:31 GMT content-type text/css last-modified Thu, 28 Nov 2024 10:06:39 GMT vary Accept-Encoding priority u=0,i=?0
GET H3	200	compatTest.js Show response quivomira.work/	2 KB 2 KB	782ms 781ms	Script application/javascript	2606:4700:3030::ac43:ba7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quivomira.work/compatTest.js Requested by Host: quivomira.work URL: https://quivomira.work/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:ba7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15c24ec2b4cb94f24e66750f09e7071e5659e20a5ed926f69f565e20a81027cf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://quivomira.work/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"674840b0-9f0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hOVLXbWTIxmFyKsDYCjPkXBqAk0piNrj7hA5%2BMdoa5LeBMV4lbHfYzckpfOjf6vPuPkMixUUHaoTLlMOFhAAskmfzJnWCA3EYVyrS10NhRte6756zM352rRWc43lrRjNCysg%2BmmX8CjFzY5YPw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f05c737dcda0f5d-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=267155&min_rtt=141812&rtt_var=166129&sent=21&recv=18&lost=0&retrans=0&sent_bytes=7640&recv_bytes=6002&delivery_rate=930&cwnd=12000&unsent_bytes=0&cid=581196883f0f042d&ts=3775&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 13:21:31 GMT content-type application/javascript last-modified Thu, 28 Nov 2024 10:06:40 GMT vary Accept-Encoding priority u=1,i=?0
GET H3	206	notification.mp3 quivomira.work/	11 KB 11 KB	821ms 820ms	Media audio/mpeg	2606:4700:3030::ac43:ba7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quivomira.work/notification.mp3 Requested by Host: quivomira.work URL: https://quivomira.work/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:ba7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86093551f5a7f68c7dcac947bd8dc54c6a79dd9a5d83f7e40116d640eb28c7d6 Request headers Referer https://quivomira.work/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Range bytes=0- Response headers cf-cache-status MISS etag "674840b0-2a80" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OB3aZoCixQ%2F7b9eMJH0%2Fu6A%2FezM7SDnmYiaJuDWoQcaqaw%2FWWEcDXa9Qqot%2FGKwkl62ZQhKVY48nOwLvXO8MBa1ODQG4BD2s%2FNbW6XdSOzBe2ZFgGZUW4DRbi8o6ubHK%2B8HUd%2FdUPptRh9My1Q%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=455933&min_rtt=141812&rtt_var=178358&sent=156&recv=73&lost=0&retrans=1&sent_bytes=155297&recv_bytes=10157&delivery_rate=93165&cwnd=79200&unsent_bytes=0&cid=581196883f0f042d&ts=5857&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 13:21:33 GMT content-type audio/mpeg last-modified Thu, 28 Nov 2024 10:06:40 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Content-Range bytes 0-10879/10880 cf-ray 8f05c744ebb70f5d-EWR Content-Length 10880 server cloudflare
GET H2	200	_websync_ Show response t.me/	4 B 359 B	1484ms 472ms	Script application/json	2001:67c:4e8:f004::9 Telegram Telegram...
General Check archive.org Show headers Download Go to Full URL https://t.me/_websync_?authed=0&version=10.9.21+A Requested by Host: quivomira.work URL: https://quivomira.work/main.d54bfa037348b154a941.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (Telegram Telegram Messenger Inc, VG), Reverse DNS Software nginx/1.18.0 / Resource Hash b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b Security Headers Name Value Strict-Transport-Security max-age=35768000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://quivomira.work/ Response headers strict-transport-security max-age=35768000 cache-control no-store content-encoding gzip pragma no-cache content-length 24 date Wed, 11 Dec 2024 13:21:34 GMT content-type application/json; charset=utf-8 server nginx/1.18.0
GET H2	200	_websync_ Show response telegram.me/	4 B 359 B	1426ms 441ms	Script application/json	2001:67c:4e8:f004::9 Telegram Telegram...
General Check archive.org Show headers Download Go to Full URL https://telegram.me/_websync_?authed=0&version=10.9.21+A Requested by Host: quivomira.work URL: https://quivomira.work/main.d54bfa037348b154a941.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (Telegram Telegram Messenger Inc, VG), Reverse DNS Software nginx/1.18.0 / Resource Hash b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b Security Headers Name Value Strict-Transport-Security max-age=35768000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://quivomira.work/ Response headers strict-transport-security max-age=35768000 cache-control no-store content-encoding gzip pragma no-cache content-length 24 date Wed, 11 Dec 2024 13:21:34 GMT content-type application/json; charset=utf-8 server nginx/1.18.0
GET H3	200	5193.75042954cc9da1f6d6ac.js Show response quivomira.work/	18 KB 7 KB	742ms 741ms	Script application/javascript	2606:4700:3030::ac43:ba7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quivomira.work/5193.75042954cc9da1f6d6ac.js Requested by Host: quivomira.work URL: https://quivomira.work/main.d54bfa037348b154a941.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:ba7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd5d096f167239210ad895c0332de2bc95585ad11a667295e97687efde54162a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://quivomira.work/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"674840af-47f6" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SXClaxPPNW%2BQUJ4BI7SVH0Rz5%2BY9jvsj7bqe63RiDYxrbGFHev6ARYoF%2FfHZ%2B2wr6MBKUGHBUbaALI7B4Ur7MFZpCnwnjwGi5KBhPvOQuBAOYpCP3UL3oQ6yqZXJBp4ayBxswdvTUgQkDayGeA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f05c7457c760f5d-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=455933&min_rtt=141812&rtt_var=178358&sent=168&recv=73&lost=0&retrans=1&sent_bytes=168483&recv_bytes=10157&delivery_rate=93165&cwnd=79200&unsent_bytes=0&cid=581196883f0f042d&ts=5943&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 13:21:33 GMT content-type application/javascript last-modified Thu, 28 Nov 2024 10:06:39 GMT vary Accept-Encoding priority u=3,i=?0
GET H3	200	chat-bg-br.f34cc96fbfb048812820.png quivomira.work/	2 KB 3 KB	742ms 738ms	Image image/png	2606:4700:3030::ac43:ba7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://quivomira.work/chat-bg-br.f34cc96fbfb048812820.png Requested by Host: quivomira.work URL: https://quivomira.work/main.949acaf34f3882f511ff.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:ba7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3151f7930d821bccf4a76cbbe4a3533e2b56bdff696f260c864ab639ac7526ea Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://quivomira.work/main.949acaf34f3882f511ff.css Response headers cf-cache-status MISS etag "674840af-780" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oe7r8%2BuYqLq%2BkiD1FWuaJr5%2FwLqa%2FwwJlJWIc7lHCOooGj%2Bouihh8DSzUAgeWkHwZgmdzxGb41TvM57%2FiQc4tDcCNnx4d6mnI%2FDrDIecoUBUBEtSoKh3FgxDNXdQwHB1Gddg8xtZcUEMc%2BbGdA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=455933&min_rtt=141812&rtt_var=178358&sent=175&recv=73&lost=0&retrans=1&sent_bytes=176272&recv_bytes=10157&delivery_rate=93165&cwnd=79200&unsent_bytes=0&cid=581196883f0f042d&ts=5957&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 13:21:33 GMT content-type image/png last-modified Thu, 28 Nov 2024 10:06:39 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f05c7459ca00f5d-EWR accept-ranges bytes content-length 1920 server cloudflare
GET H3	200	chat-bg-pattern-light.ee148af944f6580293ae.png quivomira.work/	266 KB 267 KB	1170ms 1166ms	Image image/png	2606:4700:3030::ac43:ba7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://quivomira.work/chat-bg-pattern-light.ee148af944f6580293ae.png Requested by Host: quivomira.work URL: https://quivomira.work/main.949acaf34f3882f511ff.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:ba7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 00745db819d91c37bf0f59bee00ab2efe9766fddcb726ff1bcb6847748b2bbc7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://quivomira.work/main.949acaf34f3882f511ff.css Response headers cf-cache-status MISS etag "674840af-429eb" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tOmCcFyoYJo8%2B9im2MdCrM5%2FtTafZkz2bGKcpU9lnDzg9GnLEVXyduKzyX4tB2Vq3Ae7YnWKU9BBRQNAEM7yLaqsemVWUirqeRQ%2FIfj%2BZx1zhcmhLJgV%2FCU0bv8w%2BDdEGHbUmdnLOQzJlmqC2A%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=399867&min_rtt=141812&rtt_var=162456&sent=192&recv=76&lost=2&retrans=1&sent_bytes=194351&recv_bytes=10296&delivery_rate=28100&cwnd=55440&unsent_bytes=0&cid=581196883f0f042d&ts=6377&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 13:21:33 GMT content-type image/png last-modified Thu, 28 Nov 2024 10:06:39 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f05c7459ca40f5d-EWR accept-ranges bytes content-length 272875 server cloudflare
GET H3	200	telegram-logo.1b2bb5b107f046ea9325.svg quivomira.work/	932 B 1 KB	721ms 720ms	Image image/svg+xml	2606:4700:3030::ac43:ba7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://quivomira.work/telegram-logo.1b2bb5b107f046ea9325.svg Requested by Host: quivomira.work URL: https://quivomira.work/main.949acaf34f3882f511ff.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:ba7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ade1ddec66f6e98e30d8a56b01e7dd9d2c84a8f4dac51bc88d2ab5bc6e5d1a62 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://quivomira.work/main.949acaf34f3882f511ff.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"674840af-3a4" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bh4UXQzF59MKbwMYr1xZfN%2Bs2Cfum%2FL8R5X%2BXO4iBKVoSIDdhWFEUmWIQ6XA3cRdgfClfQxKETo8gjyCNX04aqX5cewiNTSuSDCfk6emhmXRfCsla5l5LAaTZzkCR2iHppxiS6onCBar0FCJpQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f05c7459ca70f5d-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=455933&min_rtt=141812&rtt_var=178358&sent=166&recv=73&lost=0&retrans=1&sent_bytes=167149&recv_bytes=10157&delivery_rate=93165&cwnd=79200&unsent_bytes=0&cid=581196883f0f042d&ts=5936&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 13:21:33 GMT content-type image/svg+xml last-modified Thu, 28 Nov 2024 10:06:39 GMT vary Accept-Encoding priority u=3,i
GET DATA	200 OK	truncated /	307 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bc5cbdb6250171b87c0310a8e636e39f5a56b4d8a78262315705c2cc9ab8da14 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	244 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6b9e73b25890fe9c309feff6ef849db08babba9c055b169c20815866d264f3ef Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET		3559.80b270ba0e217557b392.js quivomira.work/	0 0
GET H3	200	8673.1b6dd8d303b0535cc1f8.js Show response quivomira.work/	10 KB 5 KB	669ms 669ms	Script application/javascript	2606:4700:3030::ac43:ba7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quivomira.work/8673.1b6dd8d303b0535cc1f8.js Requested by Host: quivomira.work URL: https://quivomira.work/main.d54bfa037348b154a941.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:ba7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25f447387cefb643c04e0aa816e21edf562ebe9b7e3f7b808bdb179154fc17b8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://quivomira.work/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"674840af-29c8" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N0s8pY2FWyd9QC1fM7TX3yJEOMKXjUiPdqwmNm0l8QCyOJjh92BqaY7holngS6nFE6RV54Qdn9QhBUfmKarLQPlLajdJmN5g%2FTZI9jLVlkbldymKU6XfXZxXTUwqXKEWp8DYUn%2B9eUn9aD7iHw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f05c75789920f5d-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=174399&min_rtt=125671&rtt_var=49570&sent=616&recv=163&lost=17&retrans=16&sent_bytes=666166&recv_bytes=14678&delivery_rate=323940&cwnd=53928&unsent_bytes=0&cid=581196883f0f042d&ts=8841&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 13:21:36 GMT content-type application/javascript last-modified Thu, 28 Nov 2024 10:06:39 GMT vary Accept-Encoding priority u=3,i=?0
GET		2976.4e6e9b1254ce313f06c5.js quivomira.work/	0 0
GET		2976.4e6e9b1254ce313f06c5.js quivomira.work/	0 0
GET		2976.4e6e9b1254ce313f06c5.js quivomira.work/	0 0
GET		2976.4e6e9b1254ce313f06c5.js quivomira.work/	0 0
GET H3	200	favicon.ico quivomira.work/	2 KB 3 KB	786ms 785ms	Other image/x-icon	2606:4700:3030::ac43:ba7e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://quivomira.work/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:ba7e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 504b4621e486970f8c1721d5297561c9f33296f516c83fbb33a0ff3f4f7c1357 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://quivomira.work/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"674840b0-969" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8fuQ94Xn7xzhdF%2BtHhdZQ7gEBgBDfbNRYwtm1Y1cQcQoeTmL0XGfR0SkaOo0hSG9T9lFoe9ospViZsMGP9ghIOhF0SAvZIeksRGGz8Sd6S%2BTtCr%2FhfclJUssMjavKvy4zGJcvY1lccJuhyQNaw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f05c75bef300f5d-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=171304&min_rtt=125671&rtt_var=39250&sent=638&recv=169&lost=17&retrans=16&sent_bytes=685258&recv_bytes=16090&delivery_rate=50991&cwnd=53928&unsent_bytes=0&cid=581196883f0f042d&ts=9524&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 13:21:37 GMT content-type image/x-icon last-modified Thu, 28 Nov 2024 10:06:40 GMT vary Accept-Encoding priority u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

quivomira.work

URL

https://quivomira.work/3559.80b270ba0e217557b392.js

Domain

quivomira.work

URL

https://quivomira.work/2976.4e6e9b1254ce313f06c5.js

Domain

quivomira.work

URL

https://quivomira.work/2976.4e6e9b1254ce313f06c5.js

Domain

quivomira.work

URL

https://quivomira.work/2976.4e6e9b1254ce313f06c5.js

Domain

quivomira.work

URL

https://quivomira.work/2976.4e6e9b1254ce313f06c5.js

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| compatTest boolean| isCompatTestPassed object| webpackChunktelegram_t

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://quivomira.work/ Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval' https://t.me/_websync_ https://telegram.me/_websync_". Either the 'unsafe-inline' keyword, a hash ('sha256-zFgbRTBah9NzidMH78VEmHsofpBXbc5P29/QcmZff9k='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://quivomira.work/ Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval' https://t.me/_websync_ https://telegram.me/_websync_". Either the 'unsafe-inline' keyword, a hash ('sha256-4RewoUSQMNvAlucvjV6GqDGjSYcsGUD8A2TGJ8FjlyE='), or a nonce ('nonce-...') is required to enable inline execution.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

quivomira.work
t.me
telegram.me
quivomira.work
2001:67c:4e8:f004::9
2606:4700:3030::ac43:ba7e
00745db819d91c37bf0f59bee00ab2efe9766fddcb726ff1bcb6847748b2bbc7
15c24ec2b4cb94f24e66750f09e7071e5659e20a5ed926f69f565e20a81027cf
25f447387cefb643c04e0aa816e21edf562ebe9b7e3f7b808bdb179154fc17b8
3151f7930d821bccf4a76cbbe4a3533e2b56bdff696f260c864ab639ac7526ea
3655220754404e3c5cb78464f5d83f905a52af1954c7b8bb98a3582c3722f10a
375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f
4c70083f389a2fafc6a5f3c35179243623b4416cab07a1c6ce08d3f7c1ddb2ae
504b4621e486970f8c1721d5297561c9f33296f516c83fbb33a0ff3f4f7c1357
6b9e73b25890fe9c309feff6ef849db08babba9c055b169c20815866d264f3ef
86093551f5a7f68c7dcac947bd8dc54c6a79dd9a5d83f7e40116d640eb28c7d6
ade1ddec66f6e98e30d8a56b01e7dd9d2c84a8f4dac51bc88d2ab5bc6e5d1a62
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bc5cbdb6250171b87c0310a8e636e39f5a56b4d8a78262315705c2cc9ab8da14
d5e81ea05db27d47fa91e6bd4d675cc1c8eeec9341a4db7859359a7c5ee5fca3
fd5d096f167239210ad895c0332de2bc95585ad11a667295e97687efde54162a