Report - www.tricityepoxycoatings.com/

Report Overview

Submitted URL
www.tricityepoxycoatings.com/
IP
216.152.143.240
ASN
#13768 COGECO-PEER1
Submitted
2022-10-02 20:09:17
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
46

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	64 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	13.224.222.85
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	815 B	11 kB	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
ssl.google-analytics.com	275	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	18 kB	142.250.74.72
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	438 B	8.4 kB	142.250.74.170
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	47 kB	216.58.207.195
d2ra6nuwn69ktl.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	155 kB	13.224.227.209
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.238.3.246
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	7.7 kB	142.250.74.3
www.vcita.com	65076	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	4.1 kB	104.18.2.196
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439 B	393 B	172.64.156.26
www.tricityepoxycoatings.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	794 B	686 B	216.152.143.240
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	13.224.222.39
tricityepoxycoatings.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.0 kB	2.0 MB	216.152.143.240

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed
2022-10-02	medium	tricityepoxycoatings.com	Sinkholed

Files detected

URL
tricityepoxycoatings.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif
IP
216.152.143.240
ASN
#13768 COGECO-PEER1

File type
gzip compressed data, max compression\012- data
Size
1.6 kB (1635 bytes)
Hash
ba75a046539d171930796f9716eed3a4
5ea6308d72651bc0f4ab33626e6bfa175f612ea2
d9ae852f3ee0d565f8e794ad29d23b03f6ea7b47a681c891e7caa2dcfb874a8c

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

URL
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
216.58.207.195
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
19 kB (18962 bytes)
Hash
26fcf4b6fcb9453ecddf9e93fadcf677
cdc2b592232cf41176a9ccca0dedba00d55e5710
8faa62d1ffc4f93ce25ee5f84fbf4db5f5358b76e84ff4cc63b2db6efb40131c

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (20)

	URL	Size	First Seen	Last Seen
	www.vcita.com/api/client_zones/uz26j04d40ms71ak/account/active_engage_gate	1.5 kB	2023-03-08	2023-03-08
Pretty URL www.vcita.com/api/client_zones/uz26j04d40ms71ak/account/active_engage_gate IP 104.18.2.196 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:52 Last Seen2023-03-08 04:46:52 Times Seen1 Hash 0ede4b35768c558f69a8817906133ec9 92655447993916614cf543c4eef0fba97e305e15 6653365580b31f01c0b2f402ff2dff8baa3cd0bf291d3356f7afc877f285631c Loading...

	tricityepoxycoatings.com/wp-content/themes/beacon-theme_san-antonio/js/min/theme-min.js	10 kB	2023-03-08	2023-03-25
Pretty URL tricityepoxycoatings.com/wp-content/themes/beacon-theme_san-antonio/js/min/theme-min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:52 Last Seen2023-03-25 23:03:36 Times Seen2 Hash 9d4c18d7c0456b50242495be73fa9fe8 3ef45ce1b44c844126c9728f4034939c86bac758 9cde0079e13fc5279dd5b9afdd9495b10d7c47e393a64fadc0a461a52e733d43 Loading...

	tricityepoxycoatings.com/wp-content/themes/beacon-easton/js/theme-menu-horizontal-v1.min.js	6.7 kB	2023-03-08	2023-03-25
Pretty URL tricityepoxycoatings.com/wp-content/themes/beacon-easton/js/theme-menu-horizontal-v1.min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:52 Last Seen2023-03-25 23:03:36 Times Seen2 Hash 4c1e0a5058b17c80ed8af74bb98b2bb2 66e6dd204552463d7b634e1b38a0614f0b3a87ec 81e545d448ee35338a08b2e782144f1825b7f4ab8679770588f8edf78c625508 Loading...

	tricityepoxycoatings.com/	783 B	2023-03-08	2023-03-08
Pretty URL tricityepoxycoatings.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:52 Last Seen2023-03-08 04:46:52 Times Seen1 Hash 0bf6eb73ced0b0871494e48bfea468f8 c136bc3427ca90fe0b77cabdd1feea36eabce816 7d5eb6f34278cf7eeeefd52f88a13800b00eaf3db1341eb5e68f1ce6a34cdd93 Loading...

	tricityepoxycoatings.com/	109 B	2023-03-08	2023-03-08
Pretty URL tricityepoxycoatings.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:52 Last Seen2023-03-08 04:46:52 Times Seen1 Hash 8cf85e733e54c1eeb05f4a31412db1ea 509ecf5d6a195d7dc5c26884d79e02c67f592f94 c93a74afd58a26d31976350a6dad0dbcfaf47f50d4f6edf93871e7aa301d147a Loading...

	tricityepoxycoatings.com/	74 B	2023-03-07	2024-01-05
Pretty URL tricityepoxycoatings.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-05 14:28:13 Times Seen13 Hash 0ca1d59c845951c81df3723cf6e06509 77d9dd33d3dc07adc4608a84eccb29c836e0ec15 f298881955505374d260f5586d86a2ac4db77f061b0bf2ddadde8c7ce3dd9b41 Loading...

	tricityepoxycoatings.com/	714 B	2023-03-08	2023-03-08
Pretty URL tricityepoxycoatings.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:52 Last Seen2023-03-08 04:46:52 Times Seen1 Hash 121d070cdd10b647feb6046476af2178 53844bd0d8c56de23d15726db87ee0d31ac19676 adca657e3c9f0124ce4db2d76ceebd46cc76bfaf94c451fcc43fe3c190a9042f Loading...

	tricityepoxycoatings.com/wp-content/themes/beacon-easton/js/min/theme-plugins-min.js	95 kB	2023-03-08	2023-03-25
Pretty URL tricityepoxycoatings.com/wp-content/themes/beacon-easton/js/min/theme-plugins-min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:52 Last Seen2023-03-25 23:03:35 Times Seen2 Hash 47181ab669df68e0c2cc249a82db018d 8e6d15de533d404ba5ccee620ca5835f37998157 04e224c5e14f36403d5e1b195c93e0b461e47ae41084c4df45e6e996e927f1b0 Loading...

	tricityepoxycoatings.com/	2.9 kB	2023-03-08	2023-03-08
Pretty URL tricityepoxycoatings.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:52 Last Seen2023-03-08 04:46:52 Times Seen1 Hash b7e1d1e50ff3f9b1e6fa74db1d64a914 304431889096c8df5a3caaac0935a581fad5becf 3e02e799adb64f0db83d52924a1a44ca251e520b64b049bda67c418538748eeb Loading...

	www.vcita.com/api/client_zones/uz26j04d40ms71ak/account/active_engage_gate	62 B	2023-03-07	2023-03-29
Pretty URL www.vcita.com/api/client_zones/uz26j04d40ms71ak/account/active_engage_gate IP 104.18.2.196 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:06 Last Seen2023-03-29 22:55:29 Times Seen5 Hash fef4af331a49aca875fbef75dcec098a 942010abdd57b7c42321806e4fd1f2de152b1c21 e9326832d95643751315c220806fb08a36146c3d871ed3b4852d3c8adb598dc4 Loading...

	www.vcita.com/widgets/active_engage/configuration?id=uz26j04d40ms71ak&callback=jQuery111106893323570530543_1664741348072&_=1664741348073	3.0 kB	2023-03-08	2023-03-08
Pretty URL www.vcita.com/widgets/active_engage/configuration?id=uz26j04d40ms71ak&callback=jQuery111106893323570530543_1664741348072&_=1664741348073 IP 104.18.2.196 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:52 Last Seen2023-03-08 04:46:52 Times Seen1 Hash d2d673efb3088be120465ceb27eee866 5763f4446537b1ba38c8ad9c70809c55a7c17ef3 1b0b8b9eccd6be99339ff13f670bc97934df3ec8f445f65dd0c8c0d0de80954a Loading...

	static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194	14 kB	2023-03-07	2024-04-26
Pretty URL static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP 172.64.156.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 05:43:44 Times Seen1638 Hash 19514b1be5ee33b45d32c1fcd4c67ec2 bdeab77b43cafcc638df9d7c26f1aa7f46bf1fd5 fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Loading...

	tricityepoxycoatings.com/cms_websites/js/external/scripts.js	407 kB	2023-03-07	2023-03-14
Pretty URL tricityepoxycoatings.com/cms_websites/js/external/scripts.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-14 06:47:02 Times Seen1 Hash 4a577c9981aa1b4382753aad507b39c6 88544dd831c5b7d15c9864813bfa85b90538afe3 f6e0a49a81916892daf64a97d9ccc1230323161ed2b6b1815eb174e4fe2d6c78 Loading...

	tricityepoxycoatings.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js	1.2 kB	2023-03-07	2024-01-31
Pretty URL tricityepoxycoatings.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-31 16:23:41 Times Seen37 Hash 02e2d3983e38c9bce62b5a450d8ef056 075d832d09eb6ec64df1205e5a23644c9657450c e45a2dc0c3d0072db0ad96e13e64a8ebabf7f36cd0cec49932117a6c2998931b Loading...

	tricityepoxycoatings.com/cms_websites/js/internal/beacon-lazy-load.min.js	3.7 kB	2023-03-08	2023-03-25
Pretty URL tricityepoxycoatings.com/cms_websites/js/internal/beacon-lazy-load.min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:46:52 Last Seen2023-03-25 23:03:36 Times Seen2 Hash 2adbbc301ac67277498d61b55468cf74 0259f279b06dbce015f75a7587194d8b604568f4 1529bb7c215c97b562cf32518f681e90203d830bd465f4948a4029ce52194a71 Loading...

	tricityepoxycoatings.com/cms_websites/tools/GAEventTracking/js/scripts.min.js	1.0 kB	2023-03-07	2024-01-31
Pretty URL tricityepoxycoatings.com/cms_websites/tools/GAEventTracking/js/scripts.min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-31 16:23:41 Times Seen37 Hash 880a1ec15331350293dc0001fddbdd05 8287010cbfd5bfa9d20b71c6320f91c0a73f0275 193eafafb10fe21b2fa8251fd5734649c077f9d19fa217fb19967189c96094ec Loading...

	ssl.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL ssl.google-analytics.com/ga.js IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1664741	183 kB	2023-03-07	2023-04-07
Pretty URL d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1664741 IP 13.224.227.209 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:33 Last Seen2023-04-07 03:36:33 Times Seen8 Hash f2d115cea54c6a011c4c9d3abd56e8ec 0302243ae2b62f1c41277bad4421ab033b2527b4 59178178a08480bfad9e7ac7ddc7097367f0fbb152c964ba0a93dd25a56a9596 Loading...

	tricityepoxycoatings.com/wp-includes/js/underscore.min.js?ver=1.8.3	16 kB	2023-03-07	2024-04-22
Pretty URL tricityepoxycoatings.com/wp-includes/js/underscore.min.js?ver=1.8.3 IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:25 Last Seen2024-04-22 17:35:36 Times Seen1233 Hash 6a3a434a1360cc744341e97de9177bc6 d110825c3252a677ce8b6fd81cd2eda0201e4e1b 4f5b2528815d8b1cd9b68b1a4bb1fe689696f8dcbc2c4a5104343b886ee68828 Loading...

	www.vcita.com/api/client_zones/uz26j04d40ms71ak/account/active_engage_gate	462 B	2023-03-07	2023-03-29
Pretty URL www.vcita.com/api/client_zones/uz26j04d40ms71ak/account/active_engage_gate IP 104.18.2.196 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:06 Last Seen2023-03-29 22:55:29 Times Seen5 Hash 21ada8b35a2b728a90b131bc4b7f6940 c11585509f5eec0d5678acb31e7a8a1fe76b9371 fa4f94d472a3c952d6593f9a478ac61dd249b354aa6ad2fb585a8c3a7c007a0e Loading...

HTTP Transactions (69)

URL IP Response Size

www.tricityepoxycoatings.com/

216.152.143.240

301 Moved Permanently

178 B

URL HTTP/1.1
www.tricityepoxycoatings.com/
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 02 Oct 2022 20:09:05 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.tricityepoxycoatings.com/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5181
Expires: Sun, 02 Oct 2022 21:35:26 GMT
Date: Sun, 02 Oct 2022 20:09:05 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

13.224.222.39

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
13.224.222.39:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 20:03:14 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 340acc109468df693ec024a66dbb0f1e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: Vi6W7qZ1QoD06DzuK3S_I-NLi-fQWIsjQpcQADtYhhu0Mleoqi-R4g==
Age: 351

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

13.224.222.85

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
13.224.222.85:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 51c6fa41a8f5079dc547fd1acb8e2948.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: -htv7bv9Gjncar_rDMZZYqgrcX0SqBkjZFCwZrb5ScEX6lsPu51vVg==
age: 59749
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 20:09:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
185cd27a5ada1fffa8ebea49be92ae6d
ecff16b3cfb9d19782a83345342213e79c269e49
64a48a083b7760db0854e93d21f369aed4435ba1a3de09f2796f9f97c33ea120

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64A48A083B7760DB0854E93D21F369AED4435BA1A3DE09F2796F9F97C33EA120"
Last-Modified: Sun, 02 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 03 Oct 2022 02:09:05 GMT
Date: Sun, 02 Oct 2022 20:09:05 GMT
Connection: keep-alive

www.tricityepoxycoatings.com/

216.152.143.240

301 Moved Permanently

0 B

URL HTTP/1.1
www.tricityepoxycoatings.com/
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 02 Oct 2022 20:09:05 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://tricityepoxycoatings.com/
Vary: Accept-Encoding
X-Varnish: 45828085 45706634
Age: 5
Via: 1.1 varnish (Varnish/5.2)

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

13.224.222.39

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
13.224.222.39:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 19:32:53 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 19:44:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d9301398db70d749f8b2ddc8f79c19e2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: eFiRLYHKWZ0Y08XCu2-wRZ383UBttk9jeUoD84QHd6NElDHcA3rfmQ==
Age: 2173

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3015
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:09:06 GMT
Last-Modified: Sun, 02 Oct 2022 19:18:51 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

tricityepoxycoatings.com/

216.152.143.240

200 OK

7.2 kB

URL HTTP/1.1
tricityepoxycoatings.com/
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (873), with CRLF, LF line terminators
Size
7.2 kB (7211 bytes)
Hash
07eec8a778702eaf5701b789743b5e19
62e354b94c5415e07821813ee8e9522616ce3c54
a4794979c12d50e2f5a8655923b3f47614e92282e21169d34230d6f7569805a7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7211
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45640220 46010218
Age: 9
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

push.services.mozilla.com/

44.238.3.246

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.238.3.246:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: quZMc92aDfp6ud+h5wldaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: T3N5JNzEXzVye9Wv3ZYYyFLO/90=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11

142.250.74.170

200 OK

7.3 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (28290)
Size
7.3 kB (7320 bytes)
Hash
29cec33e497be5e450f9703d98efca3b
4bcb24406115ca93d35ba145b78234b6f5e5d135
287e9a460040e8d091b9eb5381be54956185f293a41cadf7586ad05eaf23a012

HTTP Headers

GET /ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 07:21:44 GMT
expires: Sun, 01 Oct 2023 07:21:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
age: 132442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tricityepoxycoatings.com/cms_websites/css/dist/beacon-theme_san-antonio/theme.css?ver=1

216.152.143.240

200 OK

52 kB

URL HTTP/1.1
tricityepoxycoatings.com/cms_websites/css/dist/beacon-theme_san-antonio/theme.css?ver=1
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text
Size
52 kB (52079 bytes)
Hash
6a1aca5280b08c14610ff95724ecaf93
db91dc1f4abef07e0c34e784996bddc11249102e
5a15637dd7ce2b8cb40fd7ba3d46ecda4c6711a8af97dea004b37320f5fee03c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/css/dist/beacon-theme_san-antonio/theme.css?ver=1 HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Type: text/css
Content-Length: 52079
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 17:18:55 GMT
ETag: "6f827-5e8ba70a766ab-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46010554
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

tricityepoxycoatings.com/wp-content/themes/beacon-easton/js/min/theme-plugins-min.js

216.152.143.240

200 OK

23 kB

URL HTTP/1.1
tricityepoxycoatings.com/wp-content/themes/beacon-easton/js/min/theme-plugins-min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (31956)
Size
23 kB (23216 bytes)
Hash
20bfd63ec0482fcd8f5593e4172f5a91
fb4506839def74a1b7b8d24e806df068ebc5b4ea
ce0751118027f75c01a4e1d44514d0fe4b3833c7335801c61978b39c8fc4fc99

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/beacon-easton/js/min/theme-plugins-min.js HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Type: application/javascript
Content-Length: 23216
Connection: keep-alive
Last-Modified: Fri, 12 Jun 2020 00:07:26 GMT
ETag: "17376-5a7d7dcb4689f-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45761528
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

tricityepoxycoatings.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js

216.152.143.240

200 OK

465 B

URL HTTP/1.1
tricityepoxycoatings.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (1164), with no line terminators
Size
465 B (465 bytes)
Hash
ae9e1ea6af46bf62a7469101eb4a8f55
e94958da3bfd259c99019190f6c4e449e0c16aee
bbf28048044a88f7b3f682c682dea0b058d7ff7e98daf046f6f161517e97fafa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Type: application/javascript
Content-Length: 465
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:41 GMT
ETag: "48c-5d727b3a6c8f4-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 283891575 284271123
Age: 9
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

tricityepoxycoatings.com/wp-content/themes/beacon-theme_san-antonio/js/min/theme-min.js

216.152.143.240

200 OK

2.4 kB

URL HTTP/1.1
tricityepoxycoatings.com/wp-content/themes/beacon-theme_san-antonio/js/min/theme-min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (10443), with no line terminators
Size
2.4 kB (2405 bytes)
Hash
9fc421dfc60dcf4397481c1134b140e3
505dae58ea97c8cb8ced7e7fae55db7d3666a144
ef37883dc6ae806194145f521dd3c6b02221e04c3d3ebdc0ab3e4e604419efb6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/beacon-theme_san-antonio/js/min/theme-min.js HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Type: application/javascript
Content-Length: 2405
Connection: keep-alive
Last-Modified: Thu, 09 Sep 2021 00:06:13 GMT
ETag: "28cb-5cb84c455239d-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45828128
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

tricityepoxycoatings.com/cms_websites/cms_custom_css.php?ver=248_11

216.152.143.240

200 OK

3.3 kB

URL HTTP/1.1
tricityepoxycoatings.com/cms_websites/cms_custom_css.php?ver=248_11
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text
Size
3.3 kB (3306 bytes)
Hash
1231eb3b619de6d1c9ef7fb1bee01ec6
05a749c58561f30f0b6582d5d542a1ad8c0ab7f9
b3052c17991a43d2729a3d634f9d6c4a8eb8bcc0cba8793f0d1fbc01f3cabc13

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/cms_custom_css.php?ver=248_11 HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 3306
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45881667
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

tricityepoxycoatings.com/wp-includes/js/underscore.min.js?ver=1.8.3

216.152.143.240

200 OK

5.8 kB

URL HTTP/1.1
tricityepoxycoatings.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (16194)
Size
5.8 kB (5822 bytes)
Hash
0de80519eb796dc06fa34efcf454c797
1274f536f1c2c51ad2b0c0f121da21cc43854ea5
059bc818c4f66d482fcd7a623fde7a0c66d9767f49a0fca0eed2fb4a6ccfdbf6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Type: application/javascript
Content-Length: 5822
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 19:18:32 GMT
ETag: "401a-59379a2a64404-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45761539 45881542
Age: 8
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

tricityepoxycoatings.com/cms_websites/cms_theme_custom_css.php?ver=248_11

216.152.143.240

200 OK

4.1 kB

URL HTTP/1.1
tricityepoxycoatings.com/cms_websites/cms_theme_custom_css.php?ver=248_11
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
assembler source, ASCII text
Size
4.1 kB (4061 bytes)
Hash
e908999b990d5ddb588f748c8d078850
f54392a9da874d192898b7dc47db9a652e60afce
8097c2e8d387f963703f40b0536e4b3d498fbfdce05b4c2c2dca75b5faa5ed7d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/cms_theme_custom_css.php?ver=248_11 HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 4061
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46010577
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

tricityepoxycoatings.com/cms_websites/js/internal/beacon-lazy-load.min.js

216.152.143.240

200 OK

1.5 kB

URL HTTP/1.1
tricityepoxycoatings.com/cms_websites/js/internal/beacon-lazy-load.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (711)
Size
1.5 kB (1511 bytes)
Hash
2d8efb282dc94590ef8e29cce1999c3e
a789f740b749b873e23bdf2de83bde7a04a5e89b
8ff9c2939ed58514693157d95935fcb312c08aa221300f4c01b0bbf0cc6e68db

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/js/internal/beacon-lazy-load.min.js HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Type: application/javascript
Content-Length: 1511
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:49 GMT
ETag: "e96-5c189ea4b2d4d-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46010583
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

tricityepoxycoatings.com/wp-content/themes/beacon-easton/js/theme-menu-horizontal-v1.min.js

216.152.143.240

200 OK

2.1 kB

URL HTTP/1.1
tricityepoxycoatings.com/wp-content/themes/beacon-easton/js/theme-menu-horizontal-v1.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (2945)
Size
2.1 kB (2063 bytes)
Hash
b090b8d374acdea0535eb0e08b1183fa
d8b4e3448ab0fb902ad5866a2965f63f72126de9
1c5b635bccee37b9e2e8ee5b2c730b0759c6ea249b5635aaa1b9eebc524a3a0b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/beacon-easton/js/theme-menu-horizontal-v1.min.js HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Type: application/javascript
Content-Length: 2063
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:48 GMT
ETag: "1a05-5c189ea3c1357-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45881678 45948574
Age: 7
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

tricityepoxycoatings.com/cms_websites/tools/GAEventTracking/js/scripts.min.js

216.152.143.240

200 OK

517 B

URL HTTP/1.1
tricityepoxycoatings.com/cms_websites/tools/GAEventTracking/js/scripts.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (1015), with no line terminators
Size
517 B (517 bytes)
Hash
09a9e3bc0d18d851d1276481ed543c9e
87f953897b9f07e27e0b080a4320a9b78fc80167
9293803448e5928f3b09835cf60749954d6f5e303f176e63b988dc0079a744bb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/tools/GAEventTracking/js/scripts.min.js HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Type: application/javascript
Content-Length: 517
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:35 GMT
ETag: "3f7-5d727b3527792-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46010586 45706637
Age: 6
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

tricityepoxycoatings.com/cms_websites/js/external/scripts.js

216.152.143.240

200 OK

121 kB

URL HTTP/1.1
tricityepoxycoatings.com/cms_websites/js/external/scripts.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (32077)
Size
121 kB (120679 bytes)
Hash
2b2400ce27b4d1d8ceca82bed3e8bad2
2ebaca6538cccffd5a042f53e46a18b2133acb9a
bd364f13dac56e31208849b685194592c91631fa41a8c396c5346417fccc47e7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/js/external/scripts.js HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Type: application/javascript
Content-Length: 120679
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:48 GMT
ETag: "634a9-5c189ea477bf3-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46106363 45509158
Age: 9
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

tricityepoxycoatings.com/cms_websites/img/lazy-load-placeholder.png

216.152.143.240

200 OK

1.2 kB

URL HTTP/1.1
tricityepoxycoatings.com/cms_websites/img/lazy-load-placeholder.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1202 bytes)
Hash
da4a5f76c26dbfec59eb5fe8203260b6
4eaa1177c496eee6f870521341cd085ee01755a9
ce132516a708f2d42cff5f86b734d76e9b6da3066d399f0143ddd6d4c1c39e3c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/img/lazy-load-placeholder.png HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Type: image/png
Content-Length: 1202
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:49 GMT
ETag: "4b2-5c189ea4b0e0d"
Vary: Accept-Encoding
X-Varnish: 45640224
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

tricityepoxycoatings.com/files/2022/08/7A15D573DDC60EDB1876E161CC3FAF43.png

216.152.143.240

200 OK

34 kB

URL HTTP/1.1
tricityepoxycoatings.com/files/2022/08/7A15D573DDC60EDB1876E161CC3FAF43.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 460 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
34 kB (34534 bytes)
Hash
7a15d573ddc60edb1876e161cc3faf43
5de9ee34902f96a082cea57b250a364a02110fee
73e140d052fefdd0655119986604859aa9ec826d5033ecc9cf65c64be6584dec

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/08/7A15D573DDC60EDB1876E161CC3FAF43.png HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Type: image/png
Content-Length: 34534
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 16:36:07 GMT
ETag: "27ae1856d140adfb81feac24d7c1da4b"
Expires: Wed, 03 Dec 2025 05:55:47 GMT
Vary: Accept-Encoding
X-Varnish: 284185635
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

tricityepoxycoatings.com/files/2022/08/7A15D573DDC60EDB1876E161CC3FAF43_1.png

216.152.143.240

200 OK

34 kB

URL HTTP/1.1
tricityepoxycoatings.com/files/2022/08/7A15D573DDC60EDB1876E161CC3FAF43_1.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 460 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
34 kB (34534 bytes)
Hash
7a15d573ddc60edb1876e161cc3faf43
5de9ee34902f96a082cea57b250a364a02110fee
73e140d052fefdd0655119986604859aa9ec826d5033ecc9cf65c64be6584dec

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/08/7A15D573DDC60EDB1876E161CC3FAF43_1.png HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Type: image/png
Content-Length: 34534
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 16:36:29 GMT
ETag: "e8f2067bfb7257640b9a8e55a8775e3c"
Expires: Wed, 03 Dec 2025 05:55:47 GMT
Vary: Accept-Encoding
X-Varnish: 45327675
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb2de1a6c4c76b62bd9b5844ac8f0711
205f8666f86cf5f699ed5c8252c46004492fa88e
d0f5a54640474e3d0383d5302a9899e8060456287379906d2359925c6d36c46b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:09:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tricityepoxycoatings.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif

216.152.143.240

200 OK

1.6 kB

URL HTTP/1.1
tricityepoxycoatings.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
gzip compressed data, max compression\012- data
Size
1.6 kB (1635 bytes)
Hash
ba75a046539d171930796f9716eed3a4
5ea6308d72651bc0f4ab33626e6bfa175f612ea2
d9ae852f3ee0d565f8e794ad29d23b03f6ea7b47a681c891e7caa2dcfb874a8c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/cms_websites/cms_theme_custom_css.php?ver=248_11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Type: image/gif
Content-Length: 1097
Connection: keep-alive
Last-Modified: Fri, 11 Oct 2013 16:05:10 GMT
ETag: "449-4e87948635980"
Vary: Accept-Encoding
X-Varnish: 45881702
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:09:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11

142.250.74.10

200 OK

9.4 kB

URL HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
9.4 kB (9410 bytes)
Hash
ffdc7a7fcc0fbf2869e33a64e57fa665
1e4cd02a6e3a8504adc84c0004fc873e75b0dab1
c80359c47b8815a6b3e8120d4aac29017919ce34e9e32b939fcc8eefc2dc71d8

HTTP Headers

GET /css?family=Source+Sans+Pro%3A400%2C700&ver=248_11 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 20:09:06 GMT
date: Sun, 02 Oct 2022 20:09:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:09:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2

216.58.207.195

200 OK

8.7 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8668, version 1.0\012- data
Size
8.7 kB (8668 bytes)
Hash
a242ba0df3a128a2cab929a8c45d5056
d70e2c70b21cbb66cd883ae56e2dedacefd81c7c
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972

HTTP Headers

GET /s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tricityepoxycoatings.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:53:36 GMT
expires: Thu, 28 Sep 2023 19:53:36 GMT
cache-control: public, max-age=31536000
age: 346531
last-modified: Wed, 27 Apr 2022 16:07:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.195

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tricityepoxycoatings.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:32:09 GMT
expires: Thu, 28 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 347818
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.195

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tricityepoxycoatings.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:30:59 GMT
expires: Thu, 28 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 347888
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:09:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tricityepoxycoatings.com/cms_websites/css/dist/assets/fonts/bcn-icons/tsi-cms.ttf?jqz9p7

216.152.143.240

200 OK

15 kB

URL HTTP/1.1
tricityepoxycoatings.com/cms_websites/css/dist/assets/fonts/bcn-icons/tsi-cms.ttf?jqz9p7
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, tsi-cms \012- data
Size
15 kB (15128 bytes)
Hash
8502d84e441c2414f9d57278b37ca913
99aa2bb2ae83c276e2c87730bcc91a7a91f94b2d
90894ec30080285112af7874edd528fe7fef8326ff32c7551d756fc444d3dc92

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/css/dist/assets/fonts/bcn-icons/tsi-cms.ttf?jqz9p7 HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/cms_websites/css/dist/beacon-theme_san-antonio/theme.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Type: application/font-sfnt
Content-Length: 15128
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:42 GMT
ETag: "3b18-5e8acea0cc45e"
Vary: Accept-Encoding
X-Varnish: 45761596
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

tricityepoxycoatings.com/files/2022/08/epoxy1.jpg?&a=t

216.152.143.240

200 OK

457 kB

URL HTTP/1.1
tricityepoxycoatings.com/files/2022/08/epoxy1.jpg?&a=t
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size
457 kB (457167 bytes)
Hash
a680c04a6cc0eac5fe9607974cfb5750
ed4e16d906fdc949f2a9ec9690d47d4cf1bbf902
897331b21d985aecf512439bcda9bd81e12885cdedd26e30d0aa849486a7603a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/08/epoxy1.jpg?&a=t HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Type: image/jpeg
Content-Length: 457167
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 16:55:11 GMT
ETag: "28d74c738cd48a575b320e7b7ec544e6"
Expires: Wed, 03 Dec 2025 05:55:47 GMT
Vary: Accept-Encoding
X-Varnish: 283891609
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3308
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 20:09:07 GMT
Connection: keep-alive

tricityepoxycoatings.com/files/2022/08/garage.jpg?&a=t

216.152.143.240

200 OK

322 kB

URL HTTP/1.1
tricityepoxycoatings.com/files/2022/08/garage.jpg?&a=t
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size
322 kB (321534 bytes)
Hash
3aa7b964c6199315af72e5fa38519a75
b16433c4680580b9be7cedec60d19fbefbe6a671
a70a3a297a7bdcb0405a15723be11d9f03cf56a8a6721c5feca73c8575d64c07

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/08/garage.jpg?&a=t HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Type: image/jpeg
Content-Length: 321534
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 17:25:46 GMT
ETag: "b21735027430ad208c6abafd98534ab5"
Expires: Wed, 03 Dec 2025 05:55:47 GMT
Vary: Accept-Encoding
X-Varnish: 45881705
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6871 bytes)
Hash
9dddb9d84a16a3004821d89836b83dc3
087521979efd5936416fd7f030779fa5725f0a8f
a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
age: 80133
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8602 bytes)
Hash
94d82ad8d70761f6ee1384b4183335f3
5d3389a965cfa45dab2202d89b40264368674e8a
ad495dc0ede3bfcbaebfd3bf2eb55fc5596cd7643a539e030ccce0b8a3bcf8dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8602
x-amzn-requestid: 89329169-bc7a-46b1-85fc-20383a85cae8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf9GxzoAMFg0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-27952f8357fa25c956b1cd72;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDfn3Xd8m6jaBrj_M9hs4dePku_eEhJbYv3NJSHjCdAWifhBkiKUhw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:38 GMT
age: 80130
etag: "5d3389a965cfa45dab2202d89b40264368674e8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

tricityepoxycoatings.com/files/2022/08/epoxyfloor2.jpg

216.152.143.240

200 OK

820 kB

URL HTTP/1.1
tricityepoxycoatings.com/files/2022/08/epoxyfloor2.jpg
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size
820 kB (820083 bytes)
Hash
dfc895a7232475c0f7f36ab58f69d03e
545c984e78587ee1e9642b4812085bbd2d59e091
81df22f6047c1ff5c966e8f33c7b59260bd74aff82f116fbcc6859761139fb8c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/08/epoxyfloor2.jpg HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Type: image/jpeg
Content-Length: 820083
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 16:40:50 GMT
ETag: "e7ace130c47fb91f76ee3afdd1217193"
Expires: Wed, 03 Dec 2025 05:55:47 GMT
Vary: Accept-Encoding
X-Varnish: 45761593
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4987 bytes)
Hash
463bdcfbec5426e18ecef83b1c373b71
2e533332ee5c49143e58dad32ee3717a39179532
2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:45 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
content-type: image/jpeg
age: 80063
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6315 bytes)
Hash
206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:39 GMT
age: 55649
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11083 bytes)
Hash
edded48f558f739287a040151349ef67
d63b6ba630736d32c364b0e6a369274b2389b7ff
33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 80133
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9340 bytes)
Hash
6047192460abf4afd600948abb5e6ee1
6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:47:23 GMT
age: 80505
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a2d3925dad8ae1248c7b5d96220bd00a
8b6326da45860d5f480504e23864de0c28523b61
421d30a538dc347afc7fc8eee0fa6502aa65d789eb2353eb9c9f8bd0c5f3b3d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:09:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ssl.google-analytics.com/ga.js

142.250.74.72

200 OK

17 kB

URL HTTP/2
ssl.google-analytics.com/ga.js
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sun, 02 Oct 2022 18:29:20 GMT
expires: Sun, 02 Oct 2022 20:29:20 GMT
cache-control: public, max-age=7200
age: 5988
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a2d3925dad8ae1248c7b5d96220bd00a
8b6326da45860d5f480504e23864de0c28523b61
421d30a538dc347afc7fc8eee0fa6502aa65d789eb2353eb9c9f8bd0c5f3b3d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:09:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1664741

13.224.227.209

200 OK

60 kB

URL HTTP/2
d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1664741
IP
13.224.227.209:0
ASN
#16509 AMAZON-02

File type
data
Size
60 kB (59697 bytes)
Hash
5632a4b5f093e176c19db7c6b73daef1
ebc9c6cab844b9c242066cfab79052866067508b
4bcaec3939e746b3904c5685e3706ad8d30c87de350b5d653f91fb0d43fa8ce9

HTTP Headers

GET /assets/livesite.js?1664741 HTTP/1.1
Host: d2ra6nuwn69ktl.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Sep 2022 11:44:43 GMT
x-amz-version-id: rtk4CqouCAHVt1O7djtzhvbO7X9uQsYK
server: AmazonS3
content-encoding: gzip
date: Sun, 02 Oct 2022 01:59:57 GMT
etag: W/"f2d115cea54c6a011c4c9d3abd56e8ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 24f5499a7e1e28d072ca230380ceb382.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: WsZP5Gu_tUdWbg16A_TTLMc2VGp_M_6Kaae7OvSxjX1we6FUGEYhCA==
age: 84931
X-Firefox-Spdy: h2

ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=317863447&utmhn=tricityepoxycoatings.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Professional%20Epoxy%20Coating%20%7C%20Concrete%20Polishing%20%7C%20Hampstead%2C%20NC%20%7C%20Tri%20City%20Epoxy%20Coatings&utmhid=95433823&utmr=-&utmp=%2F&utmht=1664741348041&utmac=UA-152801506-113&utmdid=i9k95&utmcc=__utma%3D166257275.1297772169.1664741348.1664741348.1664741348.1%3B%2B__utmz%3D166257275.1664741348.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1188944226&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~

142.250.74.72

200 OK

35 B

URL HTTP/2
ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=317863447&utmhn=tricityepoxycoatings.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Professional%20Epoxy%20Coating%20%7C%20Concrete%20Polishing%20%7C%20Hampstead%2C%20NC%20%7C%20Tri%20City%20Epoxy%20Coatings&utmhid=95433823&utmr=-&utmp=%2F&utmht=1664741348041&utmac=UA-152801506-113&utmdid=i9k95&utmcc=__utma%3D166257275.1297772169.1664741348.1664741348.1664741348.1%3B%2B__utmz%3D166257275.1664741348.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1188944226&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=317863447&utmhn=tricityepoxycoatings.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Professional%20Epoxy%20Coating%20%7C%20Concrete%20Polishing%20%7C%20Hampstead%2C%20NC%20%7C%20Tri%20City%20Epoxy%20Coatings&utmhid=95433823&utmr=-&utmp=%2F&utmht=1664741348041&utmac=UA-152801506-113&utmdid=i9k95&utmcc=__utma%3D166257275.1297772169.1664741348.1664741348.1664741348.1%3B%2B__utmz%3D166257275.1664741348.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1188944226&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
date: Sun, 02 Oct 2022 20:09:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

tricityepoxycoatings.com/files/2022/09/7A15D573DDC60EDB1876E161CC3FAF43.png?w=196&h=196&zc=0

216.152.143.240

200 OK

44 kB

URL HTTP/1.1
tricityepoxycoatings.com/files/2022/09/7A15D573DDC60EDB1876E161CC3FAF43.png?w=196&h=196&zc=0
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data
Size
44 kB (44390 bytes)
Hash
04f2a6e4d3a7fe01c1d7b86d900578f0
be228fd004eb9c51b02edf4f176fd245356eb0b8
8310dfe456c233a3ca53e9a33539baee01ce5d08f1d457e069349ae2c5e9a1dc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/09/7A15D573DDC60EDB1876E161CC3FAF43.png?w=196&h=196&zc=0 HTTP/1.1
Host: tricityepoxycoatings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:09:08 GMT
Content-Type: image/png
Content-Length: 44390
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 20:09:08 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Wed, 12 Oct 2022 20:09:08 GMT
Vary: Accept-Encoding
X-Varnish: 44164453
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

d2ra6nuwn69ktl.cloudfront.net/assets/livesite.css?1664741

13.224.227.209

200 OK

8.8 kB

URL HTTP/2
d2ra6nuwn69ktl.cloudfront.net/assets/livesite.css?1664741
IP
13.224.227.209:0
ASN
#16509 AMAZON-02

File type
data
Size
8.8 kB (8828 bytes)
Hash
10542fa5276351e084ae0b9e4e6341b6
b8536f973981b2797b8b5fbdfd55ec6a1867c15d
e384089d2fee262b5a0fe574dc626472481ea04f83f0774b40f4ff81d97e750a

HTTP Headers

GET /assets/livesite.css?1664741 HTTP/1.1
Host: d2ra6nuwn69ktl.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Sun, 02 Oct 2022 00:13:11 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Sep 2022 11:44:43 GMT
etag: W/"b431455f98e64a9a5dc2de77b831d129"
x-amz-version-id: FMyiKae3A4_eXeUZCuEa_iKC4cso1sM2
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 24f5499a7e1e28d072ca230380ceb382.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: 68zRHjsCsnBbfAlUdAczablvlhgRqLVseI663nitJozLQIUTWBAQKw==
age: 71758
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

216.58.207.195

200 OK

19 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
19 kB (18962 bytes)
Hash
26fcf4b6fcb9453ecddf9e93fadcf677
cdc2b592232cf41176a9ccca0dedba00d55e5710
8faa62d1ffc4f93ce25ee5f84fbf4db5f5358b76e84ff4cc63b2db6efb40131c

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tricityepoxycoatings.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 18:53:39 GMT
expires: Tue, 26 Sep 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 522929
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/livesite-icons/icomoon.woff?-rdmvgd

13.224.227.209

200 OK

66 kB

URL HTTP/2
d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/livesite-icons/icomoon.woff?-rdmvgd
IP
13.224.227.209:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 65516, version 1.0\012- data
Size
66 kB (65516 bytes)
Hash
db122b8081b800020ab23b71c1214b92
eda21764b8506036b5f911e596532784dc25dbae
fafcb0376b5e95ad63601b2cfc30db87a9ed0f6be6efcc611327f885c8130aa2

HTTP Headers

GET /assets/css/icomoon/fonts/livesite-icons/icomoon.woff?-rdmvgd HTTP/1.1
Host: d2ra6nuwn69ktl.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tricityepoxycoatings.com
Connection: keep-alive
Referer: https://d2ra6nuwn69ktl.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 65516
date: Sun, 02 Oct 2022 20:09:10 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 02 Oct 2022 16:57:07 GMT
etag: "db122b8081b800020ab23b71c1214b92"
x-amz-version-id: fyAJyNZam6KRMBWMRTXQo9fU5I.DclbH
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 24f5499a7e1e28d072ca230380ceb382.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: eZfCGk4kbhAcKxlvYcA9IHMQ3Cz-D9m8vifj1LrcdT3PArcKy0LttQ==
X-Firefox-Spdy: h2

d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/icomoon.woff?84yycz

13.224.227.209

200 OK

18 kB

URL HTTP/2
d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/icomoon.woff?84yycz
IP
13.224.227.209:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 18204, version 0.0\012- data
Size
18 kB (18204 bytes)
Hash
5906d6e34193a2fd84132c877ce62b6a
b0a315bacee76f22cff2ce31754afe2430f71441
dfd2ecd12c5576aa486d2e5edc94db9e3c44259b70a139bf79b807bb6638901b

HTTP Headers

GET /assets/css/icomoon/fonts/icomoon.woff?84yycz HTTP/1.1
Host: d2ra6nuwn69ktl.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tricityepoxycoatings.com
Connection: keep-alive
Referer: https://d2ra6nuwn69ktl.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 18204
date: Sun, 02 Oct 2022 20:09:10 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 02 Oct 2022 16:57:07 GMT
etag: "5906d6e34193a2fd84132c877ce62b6a"
x-amz-version-id: xiIfpz2CLVaoZY1IX6BDlRD2Iikd3TH.
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 24f5499a7e1e28d072ca230380ceb382.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: sR88ku08GC1B3ryH52rzWbh5wgH1E_r8IWxRWqxStW9DNy5JQgfiiA==
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
11f2e40823827b62bca89d18ee279cb2
fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38
c7811cb947483a033f31ff1e93b813f1bbc49b03ed78fcedab2090c71e5c4d1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: e83a86d3-f5ab-4645-92df-4b2da3d4afa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDgmFdlIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2d0-48c3fa150800475c790b95bd;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: f1aqkuvCub_vq9gBDgA4VL8hNf16FXzXhQjSHC1yDLISm85uOqJF9w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:50 GMT
etag: "fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38"
content-type: image/jpeg
age: 80064
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.vcita.com/cdn-cgi/rum?

104.18.2.196

200 OK

0 B

URL HTTP/2
www.vcita.com/cdn-cgi/rum?
IP
104.18.2.196:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.vcita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1431
Origin: https://www.vcita.com
Connection: keep-alive
Referer: https://www.vcita.com/api/client_zones/uz26j04d40ms71ak/account/active_engage_gate
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTI0YzI0OTZkNmZlMmIyMzlkMjYyNjk1OTUyNGVlZDNiBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiZodHRwczovL3RyaWNpdHllcG94eWNvYXRpbmdzLmNvbS8GOwBG--9a242761409dabf515bbdd0f429d4458c7751615; _cfuvid=2S90OtrcvLQzSvin3YXZLsZd8JiT6mwZy_05tHwJ8MU-1664741348906-0-604800000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:09:09 GMT
content-type: text/plain
access-control-allow-origin: https://www.vcita.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 754012faa8ba0b41-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

www.vcita.com/cdn-cgi/rum?

104.18.2.196

200 OK

0 B

URL HTTP/2
www.vcita.com/cdn-cgi/rum?
IP
104.18.2.196:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.vcita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 480
Origin: https://www.vcita.com
Connection: keep-alive
Referer: https://www.vcita.com/api/client_zones/uz26j04d40ms71ak/account/active_engage_gate
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTI0YzI0OTZkNmZlMmIyMzlkMjYyNjk1OTUyNGVlZDNiBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiZodHRwczovL3RyaWNpdHllcG94eWNvYXRpbmdzLmNvbS8GOwBG--9a242761409dabf515bbdd0f429d4458c7751615; _cfuvid=2S90OtrcvLQzSvin3YXZLsZd8JiT6mwZy_05tHwJ8MU-1664741348906-0-604800000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:09:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.vcita.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7540131c09960b41-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

www.vcita.com/widgets/active_engage/configuration?id=uz26j04d40ms71ak&callback=jQuery111106893323570530543_1664741348072&_=1664741348073

104.18.2.196

200 OK

0 B

URL HTTP/2
www.vcita.com/widgets/active_engage/configuration?id=uz26j04d40ms71ak&callback=jQuery111106893323570530543_1664741348072&_=1664741348073
IP
104.18.2.196:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widgets/active_engage/configuration?id=uz26j04d40ms71ak&callback=jQuery111106893323570530543_1664741348072&_=1664741348073 HTTP/1.1
Host: www.vcita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:09:08 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
status: 200 OK
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
x-ua-compatible: IE=Edge,chrome=1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
x-request-id: 822c03d2b3fb92e410b2212c1b802005
x-runtime: 0.081580
x-rack-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: source_referrer=https%3A%2F%2Ftricityepoxycoatings.com%2F; path=/
app_attribution_params=%5B%7B%22source_referrer%22%3A%22https%3A%2F%2Ftricityepoxycoatings.com%2F%22%2C%22time_stamp%22%3A%222022-10-02T20%3A09%3A08%2B00%3A00%22%7D%5D; domain=www.vcita.com; path=/; expires=Sat, 02-Oct-2032 20:09:08 GMT
____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTI0YzI0OTZkNmZlMmIyMzlkMjYyNjk1OTUyNGVlZDNiBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiZodHRwczovL3RyaWNpdHllcG94eWNvYXRpbmdzLmNvbS8GOwBG--9a242761409dabf515bbdd0f429d4458c7751615; domain=.vcita.com; path=/; SameSite=None; expires=Thu, 01-Dec-2022 20:09:08 GMT; secure; HttpOnly
_cfuvid=2S90OtrcvLQzSvin3YXZLsZd8JiT6mwZy_05tHwJ8MU-1664741348906-0-604800000; path=/; domain=.www.vcita.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 754012f348350b41-OSL
X-Firefox-Spdy: h2

www.vcita.com/tr_pics/i?p=1972763&o=bG9hZGVy

104.18.2.196

200 OK

0 B

URL HTTP/2
www.vcita.com/tr_pics/i?p=1972763&o=bG9hZGVy
IP
104.18.2.196:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tr_pics/i?p=1972763&o=bG9hZGVy HTTP/1.1
Host: www.vcita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTI0YzI0OTZkNmZlMmIyMzlkMjYyNjk1OTUyNGVlZDNiBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiZodHRwczovL3RyaWNpdHllcG94eWNvYXRpbmdzLmNvbS8GOwBG--9a242761409dabf515bbdd0f429d4458c7751615; _cfuvid=2S90OtrcvLQzSvin3YXZLsZd8JiT6mwZy_05tHwJ8MU-1664741348906-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:09:09 GMT
content-type: image/gif
status: 200 OK
cache-control: must-revalidate, no-cache, no-store, private, max-age=0
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-disposition: inline
content-transfer-encoding: binary
x-ua-compatible: IE=Edge,chrome=1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
set-cookie: app_attribution_params=%5B%7B%22source_referrer%22%3A%22https%3A%2F%2Ftricityepoxycoatings.com%2F%22%2C%22time_stamp%22%3A%222022-10-02T20%3A09%3A09%2B00%3A00%22%7D%5D; domain=www.vcita.com; path=/; expires=Sat, 02-Oct-2032 20:09:09 GMT
____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTI0YzI0OTZkNmZlMmIyMzlkMjYyNjk1OTUyNGVlZDNiBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiZodHRwczovL3RyaWNpdHllcG94eWNvYXRpbmdzLmNvbS8GOwBG--9a242761409dabf515bbdd0f429d4458c7751615; domain=.vcita.com; path=/; SameSite=None; expires=Thu, 01-Dec-2022 20:09:09 GMT; secure; HttpOnly
x-request-id: bb74dd269a8c64614efb1827a6f05f89
x-runtime: 0.020102
x-rack-cache: miss
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754012f72cb30b41-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Josefin+Sans:400,400i

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Josefin+Sans:400,400i
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Josefin+Sans:400,400i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 20:09:06 GMT
date: Sun, 02 Oct 2022 20:09:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.vcita.com/api/client_zones/uz26j04d40ms71ak/account/active_engage_gate

104.18.2.196

200 OK

0 B

URL HTTP/2
www.vcita.com/api/client_zones/uz26j04d40ms71ak/account/active_engage_gate
IP
104.18.2.196:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/client_zones/uz26j04d40ms71ak/account/active_engage_gate HTTP/1.1
Host: www.vcita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTI0YzI0OTZkNmZlMmIyMzlkMjYyNjk1OTUyNGVlZDNiBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiZodHRwczovL3RyaWNpdHllcG94eWNvYXRpbmdzLmNvbS8GOwBG--9a242761409dabf515bbdd0f429d4458c7751615; _cfuvid=2S90OtrcvLQzSvin3YXZLsZd8JiT6mwZy_05tHwJ8MU-1664741348906-0-604800000
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:09:09 GMT
content-type: text/html; charset=utf-8
status: 200 OK
x-ua-compatible: IE=Edge,chrome=1
cache-control: must-revalidate, private, max-age=0
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
set-cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTI0YzI0OTZkNmZlMmIyMzlkMjYyNjk1OTUyNGVlZDNiBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiZodHRwczovL3RyaWNpdHllcG94eWNvYXRpbmdzLmNvbS8GOwBG--9a242761409dabf515bbdd0f429d4458c7751615; domain=.vcita.com; path=/; SameSite=None; expires=Thu, 01-Dec-2022 20:09:09 GMT; secure; HttpOnly
x-request-id: cf7796cfbc8080ef953ccbc3a9ccc5d8
x-runtime: 0.004932
x-rack-cache: miss
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754012f72cb10b41-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

172.64.156.26

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP
172.64.156.26:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vcita.com
Connection: keep-alive
Referer: https://www.vcita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:09:09 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 754012fa5e190b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML