Overview

URL www.tricityepoxycoatings.com/
IP 216.152.143.240
ASN COGECO-PEER1
Location United States
Report completed 2022-10-02 20:09:17 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-02 2 tricityepoxycoatings.com Sinkholed


Files

URL tricityepoxycoatings.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-i (...)
IP  216.152.143.240
Magic gzip compressed data, max compression\012- data
Size 1635
MD5 ba75a046539d171930796f9716eed3a4
SHA1 5ea6308d72651bc0f4ab33626e6bfa175f612ea2
SHA256 d9ae852f3ee0d565f8e794ad29d23b03f6ea7b47a681c891e7caa2dcfb874a8c
Analyzer Analysed Verdict Comment
VirusTotal 0/0
URL fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr (...)
IP  216.58.207.195
Magic gzip compressed data, max compression\012- data
Size 18962
MD5 26fcf4b6fcb9453ecddf9e93fadcf677
SHA1 cdc2b592232cf41176a9ccca0dedba00d55e5710
SHA256 8faa62d1ffc4f93ce25ee5f84fbf4db5f5358b76e84ff4cc63b2db6efb40131c
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (17)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS www.tricityepoxycoatings.com (2) 0 2022-09-16 20:36:36 UTC 2022-10-02 07:06:04 UTC 216.152.143.240 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-10-02 16:25:36 UTC 13.224.222.39
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-02 10:20:02 UTC 44.238.3.246
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-02 15:44:45 UTC 93.184.220.29
mnemonic passive DNS ssl.google-analytics.com (2) 275 2012-10-03 00:55:57 UTC 2022-10-02 17:54:50 UTC 142.250.74.72
mnemonic passive DNS d2ra6nuwn69ktl.cloudfront.net (4) 0 2021-04-15 07:51:43 UTC 2022-09-28 18:42:31 UTC 13.224.227.209 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (3) 344 2020-12-02 08:52:13 UTC 2022-10-02 05:33:45 UTC 23.36.76.226
mnemonic passive DNS ocsp.pki.goog (11) 175 2017-06-14 07:23:31 UTC 2022-10-02 05:01:45 UTC 142.250.74.3
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-06-10 06:53:41 UTC 2022-10-02 17:19:54 UTC 142.250.74.170
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-10-02 11:24:29 UTC 34.120.237.76
mnemonic passive DNS www.vcita.com (5) 65076 2012-05-21 13:44:40 UTC 2022-10-02 00:41:41 UTC 104.18.2.196
mnemonic passive DNS static.cloudflareinsights.com (1) 1294 2019-09-24 14:34:56 UTC 2022-10-02 12:34:30 UTC 172.64.156.26
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-02 05:00:42 UTC 13.224.222.85
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-02 04:45:21 UTC 34.117.237.239
mnemonic passive DNS tricityepoxycoatings.com (21) 0 2022-09-01 22:19:07 UTC 2022-10-02 07:06:04 UTC 216.152.143.240 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-10-02 16:00:45 UTC 142.250.74.10
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-08-29 13:43:22 UTC 2022-10-02 11:24:27 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 216.152.143.240

Date UQ / IDS / BL URL IP
2022-11-16 12:49:39 +0000
0 - 0 - 21 lifeinsurancepartners.net/ 216.152.143.240
2022-11-12 11:52:20 +0000
0 - 0 - 25 masterpaintingtn.com/ 216.152.143.240
2022-11-05 10:25:02 +0000
0 - 0 - 15 gnhomefinish.com/cbm88g.rar 216.152.143.240
2022-10-30 16:51:12 +0000
0 - 0 - 20 zoosiana.com/packages 216.152.143.240
2022-10-24 21:14:37 +0000
0 - 0 - 26 carretoelectricca.com/ 216.152.143.240

Last 5 reports on ASN: COGECO-PEER1

Date UQ / IDS / BL URL IP
2022-11-26 11:27:43 +0000
5 - 0 - 2 sjue.com/blog/category/dive-log/nediving/page/6 64.34.173.227
2022-11-25 12:39:46 +0000
0 - 0 - 3 frnc.citymax.com/ 69.90.45.102
2022-11-24 20:30:13 +0000
0 - 0 - 2 wetbasementsbarrie.ca/wp-includes/pomo/mo.php 209.15.201.35
2022-11-24 13:03:35 +0000
0 - 0 - 1 blog-unit.at.ply.gg/ 209.25.141.229
2022-11-24 13:03:17 +0000
0 - 0 - 1 month-whats.at.ply.gg/ 209.25.141.223

Last 1 reports on domain: tricityepoxycoatings.com

Date UQ / IDS / BL URL IP
2022-10-02 20:09:17 +0000
0 - 0 - 23 www.tricityepoxycoatings.com/ 216.152.143.240

No other reports with similar screenshot



JavaScript

Executed Scripts (20)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (69)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: www.tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         216.152.143.240
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:05 GMT
Content-Length: 178
Connection: keep-alive
Location: https://www.tricityepoxycoatings.com/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5181
Expires: Sun, 02 Oct 2022 21:35:26 GMT
Date: Sun, 02 Oct 2022 20:09:05 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.224.222.39
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 20:03:14 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 340acc109468df693ec024a66dbb0f1e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: Vi6W7qZ1QoD06DzuK3S_I-NLi-fQWIsjQpcQADtYhhu0Mleoqi-R4g==
Age: 351


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.224.222.85
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 51c6fa41a8f5079dc547fd1acb8e2948.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: -htv7bv9Gjncar_rDMZZYqgrcX0SqBkjZFCwZrb5ScEX6lsPu51vVg==
age: 59749
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 02 Oct 2022 20:09:05 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "64A48A083B7760DB0854E93D21F369AED4435BA1A3DE09F2796F9F97C33EA120"
Last-Modified: Sun, 02 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 03 Oct 2022 02:09:05 GMT
Date: Sun, 02 Oct 2022 20:09:05 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: www.tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         216.152.143.240
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:05 GMT
Content-Length: 0
Connection: keep-alive
Location: https://tricityepoxycoatings.com/
Vary: Accept-Encoding
X-Varnish: 45828085 45706634
Age: 5
Via: 1.1 varnish (Varnish/5.2)


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.224.222.39
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 19:32:53 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 19:44:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d9301398db70d749f8b2ddc8f79c19e2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: eFiRLYHKWZ0Y08XCu2-wRZ383UBttk9jeUoD84QHd6NElDHcA3rfmQ==
Age: 2173


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3015
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 20:09:06 GMT
Last-Modified: Sun, 02 Oct 2022 19:18:51 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Length: 7211
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45640220 46010218
Age: 9
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (873), with CRLF, LF line terminators
Size:   7211
Md5:    07eec8a778702eaf5701b789743b5e19
Sha1:   62e354b94c5415e07821813ee8e9522616ce3c54
Sha256: a4794979c12d50e2f5a8655923b3f47614e92282e21169d34230d6f7569805a7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: quZMc92aDfp6ud+h5wldaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.238.3.246
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: T3N5JNzEXzVye9Wv3ZYYyFLO/90=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11 HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.170
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 07:21:44 GMT
expires: Sun, 01 Oct 2023 07:21:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 132442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (28290)
Size:   7320
Md5:    29cec33e497be5e450f9703d98efca3b
Sha1:   4bcb24406115ca93d35ba145b78234b6f5e5d135
Sha256: 287e9a460040e8d091b9eb5381be54956185f293a41cadf7586ad05eaf23a012
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cms_websites/css/dist/beacon-theme_san-antonio/theme.css?ver=1 HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Length: 52079
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 17:18:55 GMT
ETag: "6f827-5e8ba70a766ab-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46010554
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   52079
Md5:    6a1aca5280b08c14610ff95724ecaf93
Sha1:   db91dc1f4abef07e0c34e784996bddc11249102e
Sha256: 5a15637dd7ce2b8cb40fd7ba3d46ecda4c6711a8af97dea004b37320f5fee03c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/beacon-easton/js/min/theme-plugins-min.js HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Length: 23216
Connection: keep-alive
Last-Modified: Fri, 12 Jun 2020 00:07:26 GMT
ETag: "17376-5a7d7dcb4689f-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45761528
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (31956)
Size:   23216
Md5:    20bfd63ec0482fcd8f5593e4172f5a91
Sha1:   fb4506839def74a1b7b8d24e806df068ebc5b4ea
Sha256: ce0751118027f75c01a4e1d44514d0fe4b3833c7335801c61978b39c8fc4fc99

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Length: 465
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:41 GMT
ETag: "48c-5d727b3a6c8f4-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 283891575 284271123
Age: 9
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1164), with no line terminators
Size:   465
Md5:    ae9e1ea6af46bf62a7469101eb4a8f55
Sha1:   e94958da3bfd259c99019190f6c4e449e0c16aee
Sha256: bbf28048044a88f7b3f682c682dea0b058d7ff7e98daf046f6f161517e97fafa

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/beacon-theme_san-antonio/js/min/theme-min.js HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Length: 2405
Connection: keep-alive
Last-Modified: Thu, 09 Sep 2021 00:06:13 GMT
ETag: "28cb-5cb84c455239d-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45828128
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (10443), with no line terminators
Size:   2405
Md5:    9fc421dfc60dcf4397481c1134b140e3
Sha1:   505dae58ea97c8cb8ced7e7fae55db7d3666a144
Sha256: ef37883dc6ae806194145f521dd3c6b02221e04c3d3ebdc0ab3e4e604419efb6

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /cms_websites/cms_custom_css.php?ver=248_11 HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: text/css;charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Length: 3306
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45881667
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   3306
Md5:    1231eb3b619de6d1c9ef7fb1bee01ec6
Sha1:   05a749c58561f30f0b6582d5d542a1ad8c0ab7f9
Sha256: b3052c17991a43d2729a3d634f9d6c4a8eb8bcc0cba8793f0d1fbc01f3cabc13

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Length: 5822
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 19:18:32 GMT
ETag: "401a-59379a2a64404-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45761539 45881542
Age: 8
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (16194)
Size:   5822
Md5:    0de80519eb796dc06fa34efcf454c797
Sha1:   1274f536f1c2c51ad2b0c0f121da21cc43854ea5
Sha256: 059bc818c4f66d482fcd7a623fde7a0c66d9767f49a0fca0eed2fb4a6ccfdbf6

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /cms_websites/cms_theme_custom_css.php?ver=248_11 HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: text/css;charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Length: 4061
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46010577
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   4061
Md5:    e908999b990d5ddb588f748c8d078850
Sha1:   f54392a9da874d192898b7dc47db9a652e60afce
Sha256: 8097c2e8d387f963703f40b0536e4b3d498fbfdce05b4c2c2dca75b5faa5ed7d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /cms_websites/js/internal/beacon-lazy-load.min.js HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Length: 1511
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:49 GMT
ETag: "e96-5c189ea4b2d4d-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46010583
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (711)
Size:   1511
Md5:    2d8efb282dc94590ef8e29cce1999c3e
Sha1:   a789f740b749b873e23bdf2de83bde7a04a5e89b
Sha256: 8ff9c2939ed58514693157d95935fcb312c08aa221300f4c01b0bbf0cc6e68db

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/beacon-easton/js/theme-menu-horizontal-v1.min.js HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Length: 2063
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:48 GMT
ETag: "1a05-5c189ea3c1357-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45881678 45948574
Age: 7
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (2945)
Size:   2063
Md5:    b090b8d374acdea0535eb0e08b1183fa
Sha1:   d8b4e3448ab0fb902ad5866a2965f63f72126de9
Sha256: 1c5b635bccee37b9e2e8ee5b2c730b0759c6ea249b5635aaa1b9eebc524a3a0b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /cms_websites/tools/GAEventTracking/js/scripts.min.js HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Length: 517
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:35 GMT
ETag: "3f7-5d727b3527792-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46010586 45706637
Age: 6
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1015), with no line terminators
Size:   517
Md5:    09a9e3bc0d18d851d1276481ed543c9e
Sha1:   87f953897b9f07e27e0b080a4320a9b78fc80167
Sha256: 9293803448e5928f3b09835cf60749954d6f5e303f176e63b988dc0079a744bb

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /cms_websites/js/external/scripts.js HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:06 GMT
Content-Length: 120679
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:48 GMT
ETag: "634a9-5c189ea477bf3-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46106363 45509158
Age: 9
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (32077)
Size:   120679
Md5:    2b2400ce27b4d1d8ceca82bed3e8bad2
Sha1:   2ebaca6538cccffd5a042f53e46a18b2133acb9a
Sha256: bd364f13dac56e31208849b685194592c91631fa41a8c396c5346417fccc47e7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /cms_websites/img/lazy-load-placeholder.png HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Length: 1202
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:49 GMT
ETag: "4b2-5c189ea4b0e0d"
Vary: Accept-Encoding
X-Varnish: 45640224
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   1202
Md5:    da4a5f76c26dbfec59eb5fe8203260b6
Sha1:   4eaa1177c496eee6f870521341cd085ee01755a9
Sha256: ce132516a708f2d42cff5f86b734d76e9b6da3066d399f0143ddd6d4c1c39e3c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /files/2022/08/7A15D573DDC60EDB1876E161CC3FAF43.png HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Length: 34534
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 16:36:07 GMT
ETag: "27ae1856d140adfb81feac24d7c1da4b"
Expires: Wed, 03 Dec 2025 05:55:47 GMT
Vary: Accept-Encoding
X-Varnish: 284185635
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 460 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size:   34534
Md5:    7a15d573ddc60edb1876e161cc3faf43
Sha1:   5de9ee34902f96a082cea57b250a364a02110fee
Sha256: 73e140d052fefdd0655119986604859aa9ec826d5033ecc9cf65c64be6584dec

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /files/2022/08/7A15D573DDC60EDB1876E161CC3FAF43_1.png HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Length: 34534
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 16:36:29 GMT
ETag: "e8f2067bfb7257640b9a8e55a8775e3c"
Expires: Wed, 03 Dec 2025 05:55:47 GMT
Vary: Accept-Encoding
X-Varnish: 45327675
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 460 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size:   34534
Md5:    7a15d573ddc60edb1876e161cc3faf43
Sha1:   5de9ee34902f96a082cea57b250a364a02110fee
Sha256: 73e140d052fefdd0655119986604859aa9ec826d5033ecc9cf65c64be6584dec

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:09:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/cms_websites/cms_theme_custom_css.php?ver=248_11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Length: 1097
Connection: keep-alive
Last-Modified: Fri, 11 Oct 2013 16:05:10 GMT
ETag: "449-4e87948635980"
Vary: Accept-Encoding
X-Varnish: 45881702
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   1635
Md5:    ba75a046539d171930796f9716eed3a4
Sha1:   5ea6308d72651bc0f4ab33626e6bfa175f612ea2
Sha256: d9ae852f3ee0d565f8e794ad29d23b03f6ea7b47a681c891e7caa2dcfb874a8c

Alerts:
  Blocklists:
    - quad9: Sinkholed
  File Analyzers:
    - virustotal: 0/0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:09:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Source+Sans+Pro%3A400%2C700&ver=248_11 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 20:09:06 GMT
date: Sun, 02 Oct 2022 20:09:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   9410
Md5:    ffdc7a7fcc0fbf2869e33a64e57fa665
Sha1:   1e4cd02a6e3a8504adc84c0004fc873e75b0dab1
Sha256: c80359c47b8815a6b3e8120d4aac29017919ce34e9e32b939fcc8eefc2dc71d8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:09:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tricityepoxycoatings.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:53:36 GMT
expires: Thu, 28 Sep 2023 19:53:36 GMT
cache-control: public, max-age=31536000
age: 346531
last-modified: Wed, 27 Apr 2022 16:07:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 8668, version 1.0\012- data
Size:   8668
Md5:    a242ba0df3a128a2cab929a8c45d5056
Sha1:   d70e2c70b21cbb66cd883ae56e2dedacefd81c7c
Sha256: 50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
                                        
                                            GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tricityepoxycoatings.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:32:09 GMT
expires: Thu, 28 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 347818
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size:   7884
Md5:    9212f6f9860f9fc6c69b02fedf6db8c3
Sha1:   ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
Sha256: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
                                        
                                            GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tricityepoxycoatings.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:30:59 GMT
expires: Thu, 28 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 347888
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Size:   7816
Md5:    25b0e113ca7cce3770d542736db26368
Sha1:   cb726212d5d525021752a1d8470a0fb593e0c49e
Sha256: 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:09:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cms_websites/css/dist/assets/fonts/bcn-icons/tsi-cms.ttf?jqz9p7 HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/cms_websites/css/dist/beacon-theme_san-antonio/theme.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/font-sfnt
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Length: 15128
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:42 GMT
ETag: "3b18-5e8acea0cc45e"
Vary: Accept-Encoding
X-Varnish: 45761596
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, tsi-cms \012- data
Size:   15128
Md5:    8502d84e441c2414f9d57278b37ca913
Sha1:   99aa2bb2ae83c276e2c87730bcc91a7a91f94b2d
Sha256: 90894ec30080285112af7874edd528fe7fef8326ff32c7551d756fc444d3dc92

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /files/2022/08/epoxy1.jpg?&a=t HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Length: 457167
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 16:55:11 GMT
ETag: "28d74c738cd48a575b320e7b7ec544e6"
Expires: Wed, 03 Dec 2025 05:55:47 GMT
Vary: Accept-Encoding
X-Varnish: 283891609
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size:   457167
Md5:    a680c04a6cc0eac5fe9607974cfb5750
Sha1:   ed4e16d906fdc949f2a9ec9690d47d4cf1bbf902
Sha256: 897331b21d985aecf512439bcda9bd81e12885cdedd26e30d0aa849486a7603a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3308
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 20:09:07 GMT
Connection: keep-alive

                                        
                                            GET /files/2022/08/garage.jpg?&a=t HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Length: 321534
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 17:25:46 GMT
ETag: "b21735027430ad208c6abafd98534ab5"
Expires: Wed, 03 Dec 2025 05:55:47 GMT
Vary: Accept-Encoding
X-Varnish: 45881705
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size:   321534
Md5:    3aa7b964c6199315af72e5fa38519a75
Sha1:   b16433c4680580b9be7cedec60d19fbefbe6a671
Sha256: a70a3a297a7bdcb0405a15723be11d9f03cf56a8a6721c5feca73c8575d64c07

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
age: 80133
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6871
Md5:    9dddb9d84a16a3004821d89836b83dc3
Sha1:   087521979efd5936416fd7f030779fa5725f0a8f
Sha256: a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8602
x-amzn-requestid: 89329169-bc7a-46b1-85fc-20383a85cae8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf9GxzoAMFg0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-27952f8357fa25c956b1cd72;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDfn3Xd8m6jaBrj_M9hs4dePku_eEhJbYv3NJSHjCdAWifhBkiKUhw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:38 GMT
age: 80130
etag: "5d3389a965cfa45dab2202d89b40264368674e8a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8602
Md5:    94d82ad8d70761f6ee1384b4183335f3
Sha1:   5d3389a965cfa45dab2202d89b40264368674e8a
Sha256: ad495dc0ede3bfcbaebfd3bf2eb55fc5596cd7643a539e030ccce0b8a3bcf8dd
                                        
                                            GET /files/2022/08/epoxyfloor2.jpg HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:07 GMT
Content-Length: 820083
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 16:40:50 GMT
ETag: "e7ace130c47fb91f76ee3afdd1217193"
Expires: Wed, 03 Dec 2025 05:55:47 GMT
Vary: Accept-Encoding
X-Varnish: 45761593
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size:   820083
Md5:    dfc895a7232475c0f7f36ab58f69d03e
Sha1:   545c984e78587ee1e9642b4812085bbd2d59e091
Sha256: 81df22f6047c1ff5c966e8f33c7b59260bd74aff82f116fbcc6859761139fb8c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:45 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
age: 80063
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4987
Md5:    463bdcfbec5426e18ecef83b1c373b71
Sha1:   2e533332ee5c49143e58dad32ee3717a39179532
Sha256: 2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:39 GMT
age: 55649
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
age: 80133
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11083
Md5:    edded48f558f739287a040151349ef67
Sha1:   d63b6ba630736d32c364b0e6a369274b2389b7ff
Sha256: 33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:47:23 GMT
age: 80505
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9340
Md5:    6047192460abf4afd600948abb5e6ee1
Sha1:   6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
Sha256: d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:09:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sun, 02 Oct 2022 18:29:20 GMT
expires: Sun, 02 Oct 2022 20:29:20 GMT
cache-control: public, max-age=7200
age: 5988
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:09:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/livesite.js?1664741 HTTP/1.1 
Host: d2ra6nuwn69ktl.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.224.227.209
HTTP/2 200 OK
content-type: application/x-javascript
                                        
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Sep 2022 11:44:43 GMT
x-amz-version-id: rtk4CqouCAHVt1O7djtzhvbO7X9uQsYK
server: AmazonS3
content-encoding: gzip
date: Sun, 02 Oct 2022 01:59:57 GMT
etag: W/"f2d115cea54c6a011c4c9d3abd56e8ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 24f5499a7e1e28d072ca230380ceb382.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: WsZP5Gu_tUdWbg16A_TTLMc2VGp_M_6Kaae7OvSxjX1we6FUGEYhCA==
age: 84931
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   59697
Md5:    5632a4b5f093e176c19db7c6b73daef1
Sha1:   ebc9c6cab844b9c242066cfab79052866067508b
Sha256: 4bcaec3939e746b3904c5685e3706ad8d30c87de350b5d653f91fb0d43fa8ce9
                                        
                                            GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=317863447&utmhn=tricityepoxycoatings.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Professional%20Epoxy%20Coating%20%7C%20Concrete%20Polishing%20%7C%20Hampstead%2C%20NC%20%7C%20Tri%20City%20Epoxy%20Coatings&utmhid=95433823&utmr=-&utmp=%2F&utmht=1664741348041&utmac=UA-152801506-113&utmdid=i9k95&utmcc=__utma%3D166257275.1297772169.1664741348.1664741348.1664741348.1%3B%2B__utmz%3D166257275.1664741348.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1188944226&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: image/gif
                                        
access-control-allow-origin: *
date: Sun, 02 Oct 2022 20:09:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /files/2022/09/7A15D573DDC60EDB1876E161CC3FAF43.png?w=196&h=196&zc=0 HTTP/1.1 
Host: tricityepoxycoatings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:09:08 GMT
Content-Length: 44390
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 20:09:08 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Wed, 12 Oct 2022 20:09:08 GMT
Vary: Accept-Encoding
X-Varnish: 44164453
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data
Size:   44390
Md5:    04f2a6e4d3a7fe01c1d7b86d900578f0
Sha1:   be228fd004eb9c51b02edf4f176fd245356eb0b8
Sha256: 8310dfe456c233a3ca53e9a33539baee01ce5d08f1d457e069349ae2c5e9a1dc

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /assets/livesite.css?1664741 HTTP/1.1 
Host: d2ra6nuwn69ktl.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.224.227.209
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 02 Oct 2022 00:13:11 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Sep 2022 11:44:43 GMT
etag: W/"b431455f98e64a9a5dc2de77b831d129"
x-amz-version-id: FMyiKae3A4_eXeUZCuEa_iKC4cso1sM2
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 24f5499a7e1e28d072ca230380ceb382.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: 68zRHjsCsnBbfAlUdAczablvlhgRqLVseI663nitJozLQIUTWBAQKw==
age: 71758
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   8828
Md5:    10542fa5276351e084ae0b9e4e6341b6
Sha1:   b8536f973981b2797b8b5fbdfd55ec6a1867c15d
Sha256: e384089d2fee262b5a0fe574dc626472481ea04f83f0774b40f4ff81d97e750a
                                        
                                            GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tricityepoxycoatings.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 18:53:39 GMT
expires: Tue, 26 Sep 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 522929
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   18962
Md5:    26fcf4b6fcb9453ecddf9e93fadcf677
Sha1:   cdc2b592232cf41176a9ccca0dedba00d55e5710
Sha256: 8faa62d1ffc4f93ce25ee5f84fbf4db5f5358b76e84ff4cc63b2db6efb40131c

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /assets/css/icomoon/fonts/livesite-icons/icomoon.woff?-rdmvgd HTTP/1.1 
Host: d2ra6nuwn69ktl.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tricityepoxycoatings.com
Connection: keep-alive
Referer: https://d2ra6nuwn69ktl.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.224.227.209
HTTP/2 200 OK
content-type: application/octet-stream
                                        
content-length: 65516
date: Sun, 02 Oct 2022 20:09:10 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 02 Oct 2022 16:57:07 GMT
etag: "db122b8081b800020ab23b71c1214b92"
x-amz-version-id: fyAJyNZam6KRMBWMRTXQo9fU5I.DclbH
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 24f5499a7e1e28d072ca230380ceb382.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: eZfCGk4kbhAcKxlvYcA9IHMQ3Cz-D9m8vifj1LrcdT3PArcKy0LttQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 65516, version 1.0\012- data
Size:   65516
Md5:    db122b8081b800020ab23b71c1214b92
Sha1:   eda21764b8506036b5f911e596532784dc25dbae
Sha256: fafcb0376b5e95ad63601b2cfc30db87a9ed0f6be6efcc611327f885c8130aa2
                                        
                                            GET /assets/css/icomoon/fonts/icomoon.woff?84yycz HTTP/1.1 
Host: d2ra6nuwn69ktl.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tricityepoxycoatings.com
Connection: keep-alive
Referer: https://d2ra6nuwn69ktl.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.224.227.209
HTTP/2 200 OK
content-type: application/octet-stream
                                        
content-length: 18204
date: Sun, 02 Oct 2022 20:09:10 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 02 Oct 2022 16:57:07 GMT
etag: "5906d6e34193a2fd84132c877ce62b6a"
x-amz-version-id: xiIfpz2CLVaoZY1IX6BDlRD2Iikd3TH.
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 24f5499a7e1e28d072ca230380ceb382.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: sR88ku08GC1B3ryH52rzWbh5wgH1E_r8IWxRWqxStW9DNy5JQgfiiA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 18204, version 0.0\012- data
Size:   18204
Md5:    5906d6e34193a2fd84132c877ce62b6a
Sha1:   b0a315bacee76f22cff2ce31754afe2430f71441
Sha256: dfd2ecd12c5576aa486d2e5edc94db9e3c44259b70a139bf79b807bb6638901b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9600
x-amzn-requestid: e83a86d3-f5ab-4645-92df-4b2da3d4afa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDgmFdlIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2d0-48c3fa150800475c790b95bd;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: f1aqkuvCub_vq9gBDgA4VL8hNf16FXzXhQjSHC1yDLISm85uOqJF9w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:50 GMT
etag: "fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38"
age: 80064
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9600
Md5:    11f2e40823827b62bca89d18ee279cb2
Sha1:   fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38
Sha256: c7811cb947483a033f31ff1e93b813f1bbc49b03ed78fcedab2090c71e5c4d1f
                                        
                                            POST /cdn-cgi/rum? HTTP/1.1 
Host: www.vcita.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1431
Origin: https://www.vcita.com
Connection: keep-alive
Referer: https://www.vcita.com/api/client_zones/uz26j04d40ms71ak/account/active_engage_gate
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTI0YzI0OTZkNmZlMmIyMzlkMjYyNjk1OTUyNGVlZDNiBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiZodHRwczovL3RyaWNpdHllcG94eWNvYXRpbmdzLmNvbS8GOwBG--9a242761409dabf515bbdd0f429d4458c7751615; _cfuvid=2S90OtrcvLQzSvin3YXZLsZd8JiT6mwZy_05tHwJ8MU-1664741348906-0-604800000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.2.196
HTTP/2 200 OK
content-type: text/plain
                                        
date: Sun, 02 Oct 2022 20:09:09 GMT
access-control-allow-origin: https://www.vcita.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 754012faa8ba0b41-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /cdn-cgi/rum? HTTP/1.1 
Host: www.vcita.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 480
Origin: https://www.vcita.com
Connection: keep-alive
Referer: https://www.vcita.com/api/client_zones/uz26j04d40ms71ak/account/active_engage_gate
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTI0YzI0OTZkNmZlMmIyMzlkMjYyNjk1OTUyNGVlZDNiBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiZodHRwczovL3RyaWNpdHllcG94eWNvYXRpbmdzLmNvbS8GOwBG--9a242761409dabf515bbdd0f429d4458c7751615; _cfuvid=2S90OtrcvLQzSvin3YXZLsZd8JiT6mwZy_05tHwJ8MU-1664741348906-0-604800000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.2.196
HTTP/2 200 OK
content-type: text/plain
                                        
date: Sun, 02 Oct 2022 20:09:14 GMT
access-control-allow-origin: https://www.vcita.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7540131c09960b41-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /widgets/active_engage/configuration?id=uz26j04d40ms71ak&callback=jQuery111106893323570530543_1664741348072&_=1664741348073 HTTP/1.1 
Host: www.vcita.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.18.2.196
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sun, 02 Oct 2022 20:09:08 GMT
vary: Accept-Encoding
status: 200 OK
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
x-ua-compatible: IE=Edge,chrome=1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
x-request-id: 822c03d2b3fb92e410b2212c1b802005
x-runtime: 0.081580
x-rack-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: source_referrer=https%3A%2F%2Ftricityepoxycoatings.com%2F; path=/ app_attribution_params=%5B%7B%22source_referrer%22%3A%22https%3A%2F%2Ftricityepoxycoatings.com%2F%22%2C%22time_stamp%22%3A%222022-10-02T20%3A09%3A08%2B00%3A00%22%7D%5D; domain=www.vcita.com; path=/; expires=Sat, 02-Oct-2032 20:09:08 GMT ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTI0YzI0OTZkNmZlMmIyMzlkMjYyNjk1OTUyNGVlZDNiBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiZodHRwczovL3RyaWNpdHllcG94eWNvYXRpbmdzLmNvbS8GOwBG--9a242761409dabf515bbdd0f429d4458c7751615; domain=.vcita.com; path=/; SameSite=None; expires=Thu, 01-Dec-2022 20:09:08 GMT; secure; HttpOnly _cfuvid=2S90OtrcvLQzSvin3YXZLsZd8JiT6mwZy_05tHwJ8MU-1664741348906-0-604800000; path=/; domain=.www.vcita.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 754012f348350b41-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /tr_pics/i?p=1972763&o=bG9hZGVy HTTP/1.1
Host: www.vcita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTI0YzI0OTZkNmZlMmIyMzlkMjYyNjk1OTUyNGVlZDNiBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiZodHRwczovL3RyaWNpdHllcG94eWNvYXRpbmdzLmNvbS8GOwBG--9a242761409dabf515bbdd0f429d4458c7751615; _cfuvid=2S90OtrcvLQzSvin3YXZLsZd8JiT6mwZy_05tHwJ8MU-1664741348906-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
104.18.2.196
HTTP/2 200 OK
content-type: image/gif
date: Sun, 02 Oct 2022 20:09:09 GMT
status: 200 OK
cache-control: must-revalidate, no-cache, no-store, private, max-age=0
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-disposition: inline
content-transfer-encoding: binary
x-ua-compatible: IE=Edge,chrome=1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
set-cookie: app_attribution_params=%5B%7B%22source_referrer%22%3A%22https%3A%2F%2Ftricityepoxycoatings.com%2F%22%2C%22time_stamp%22%3A%222022-10-02T20%3A09%3A09%2B00%3A00%22%7D%5D; domain=www.vcita.com; path=/; expires=Sat, 02-Oct-2032 20:09:09 GMT ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTI0YzI0OTZkNmZlMmIyMzlkMjYyNjk1OTUyNGVlZDNiBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiZodHRwczovL3RyaWNpdHllcG94eWNvYXRpbmdzLmNvbS8GOwBG--9a242761409dabf515bbdd0f429d4458c7751615; domain=.vcita.com; path=/; SameSite=None; expires=Thu, 01-Dec-2022 20:09:09 GMT; secure; HttpOnly
x-request-id: bb74dd269a8c64614efb1827a6f05f89
x-runtime: 0.020102
x-rack-cache: miss
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754012f72cb30b41-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /css?family=Josefin+Sans:400,400i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 20:09:06 GMT
date: Sun, 02 Oct 2022 20:09:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /api/client_zones/uz26j04d40ms71ak/account/active_engage_gate HTTP/1.1
Host: www.vcita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tricityepoxycoatings.com/
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTI0YzI0OTZkNmZlMmIyMzlkMjYyNjk1OTUyNGVlZDNiBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiZodHRwczovL3RyaWNpdHllcG94eWNvYXRpbmdzLmNvbS8GOwBG--9a242761409dabf515bbdd0f429d4458c7751615; _cfuvid=2S90OtrcvLQzSvin3YXZLsZd8JiT6mwZy_05tHwJ8MU-1664741348906-0-604800000
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
104.18.2.196
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 20:09:09 GMT
status: 200 OK
x-ua-compatible: IE=Edge,chrome=1
cache-control: must-revalidate, private, max-age=0
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
set-cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTI0YzI0OTZkNmZlMmIyMzlkMjYyNjk1OTUyNGVlZDNiBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiZodHRwczovL3RyaWNpdHllcG94eWNvYXRpbmdzLmNvbS8GOwBG--9a242761409dabf515bbdd0f429d4458c7751615; domain=.vcita.com; path=/; SameSite=None; expires=Thu, 01-Dec-2022 20:09:09 GMT; secure; HttpOnly
x-request-id: cf7796cfbc8080ef953ccbc3a9ccc5d8
x-runtime: 0.004932
x-rack-cache: miss
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754012f72cb10b41-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vcita.com
Connection: keep-alive
Referer: https://www.vcita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
172.64.156.26
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
date: Sun, 02 Oct 2022 20:09:09 GMT
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 754012fa5e190b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---