Report - www.walls-electric.com/

Report Overview

Submitted URL
www.walls-electric.com/
IP
216.152.143.240
ASN
#13768 COGECO-PEER1
Submitted
2022-10-02 22:05:32
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
36

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	13.224.222.54
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.3 kB	93.184.220.29
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	35 kB	216.58.207.195
c15117557.ssl.cf2.rackcdn.com	121354	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	440 B	5.3 kB	23.38.200.148
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	410 B	746 B	142.250.74.10
www.walls-electric.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	674 B	216.152.143.240
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.161.231.36
walls-electric.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.0 kB	877 kB	216.152.143.240
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	6.3 kB	142.250.74.3
ssl.google-analytics.com	275	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	18 kB	216.58.211.8
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	432 B	8.4 kB	142.250.74.106
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	44 kB	34.120.237.76
www.vcita.com	65076	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	2.9 kB	104.18.3.196
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	13.224.222.36
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
d2ra6nuwn69ktl.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	86 kB	13.224.227.221

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed
2022-10-02	medium	walls-electric.com	Sinkholed

Files detected

URL
walls-electric.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif
IP
216.152.143.240
ASN
#13768 COGECO-PEER1

File type
gzip compressed data, max compression\012- data
Size
1.6 kB (1635 bytes)
Hash
ba75a046539d171930796f9716eed3a4
5ea6308d72651bc0f4ab33626e6bfa175f612ea2
d9ae852f3ee0d565f8e794ad29d23b03f6ea7b47a681c891e7caa2dcfb874a8c

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (19)

	URL	Size	First Seen	Last Seen
	walls-electric.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js	1.2 MB	2023-03-07	2024-04-22
Pretty URL walls-electric.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-22 06:49:03 Times Seen182 Hash 1011064a70f679eaaef8d6988d6cc493 5198abb91179ff6171ec60e54366138a06e7068f 2b36622b2d03598b27c0c17e5f50ef427810dbf17117b305dc57fbd97729b8fb Loading...

	d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1664748	183 kB	2023-03-07	2023-04-07
Pretty URL d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1664748 IP 13.224.227.221 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:33 Last Seen2023-04-07 03:36:33 Times Seen8 Hash f2d115cea54c6a011c4c9d3abd56e8ec 0302243ae2b62f1c41277bad4421ab033b2527b4 59178178a08480bfad9e7ac7ddc7097367f0fbb152c964ba0a93dd25a56a9596 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 08:38:34 Times Seen37058447 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	walls-electric.com/cms_websites/js/external/scripts.js	407 kB	2023-03-07	2023-03-14
Pretty URL walls-electric.com/cms_websites/js/external/scripts.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-14 06:47:02 Times Seen1 Hash 4a577c9981aa1b4382753aad507b39c6 88544dd831c5b7d15c9864813bfa85b90538afe3 f6e0a49a81916892daf64a97d9ccc1230323161ed2b6b1815eb174e4fe2d6c78 Loading...

	www.vcita.com/widgets/active_engage/configuration?id=k6wi53k9co66qjc4&callback=jQuery111107227923245965482_1664748322518&_=1664748322519	3.1 kB	2023-03-08	2023-03-08
Pretty URL www.vcita.com/widgets/active_engage/configuration?id=k6wi53k9co66qjc4&callback=jQuery111107227923245965482_1664748322518&_=1664748322519 IP 104.18.3.196 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:50:08 Last Seen2023-03-08 04:50:08 Times Seen1 Hash 47cdd0b111992b2fd64ac3c890533291 9eb9880b4645c53f1c9a02c081b100a2a2b226d1 c8ef36a2b58005254e0d35eb9f0f78a0a2f57daca770a9b4d69fbd2b3d010c8f Loading...

	www.vcita.com/api/client_zones/k6wi53k9co66qjc4/account/active_engage_gate	62 B	2023-03-07	2023-03-29
Pretty URL www.vcita.com/api/client_zones/k6wi53k9co66qjc4/account/active_engage_gate IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:06 Last Seen2023-03-29 22:55:29 Times Seen5 Hash fef4af331a49aca875fbef75dcec098a 942010abdd57b7c42321806e4fd1f2de152b1c21 e9326832d95643751315c220806fb08a36146c3d871ed3b4852d3c8adb598dc4 Loading...

	walls-electric.com/wp-includes/js/underscore.min.js?ver=1.8.3	16 kB	2023-03-07	2024-04-22
Pretty URL walls-electric.com/wp-includes/js/underscore.min.js?ver=1.8.3 IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:25 Last Seen2024-04-22 17:35:36 Times Seen1233 Hash 6a3a434a1360cc744341e97de9177bc6 d110825c3252a677ce8b6fd81cd2eda0201e4e1b 4f5b2528815d8b1cd9b68b1a4bb1fe689696f8dcbc2c4a5104343b886ee68828 Loading...

	walls-electric.com/	345 B	2023-03-08	2023-03-08
Pretty URL walls-electric.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:50:08 Last Seen2023-03-08 04:50:08 Times Seen1 Hash 7499ba99fd7eee59f2e52d74d5a7d638 3a02d865e94c0962e462c9dd6b523a0b05aeb821 e836548f2c54d325a36bbf5626980fa44b01b029829399073d80e64dfde9a747 Loading...

	www.vcita.com/api/client_zones/k6wi53k9co66qjc4/account/active_engage_gate	462 B	2023-03-07	2023-03-29
Pretty URL www.vcita.com/api/client_zones/k6wi53k9co66qjc4/account/active_engage_gate IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:06 Last Seen2023-03-29 22:55:29 Times Seen5 Hash 21ada8b35a2b728a90b131bc4b7f6940 c11585509f5eec0d5678acb31e7a8a1fe76b9371 fa4f94d472a3c952d6593f9a478ac61dd249b354aa6ad2fb585a8c3a7c007a0e Loading...

	www.vcita.com/api/client_zones/k6wi53k9co66qjc4/account/active_engage_gate	1.5 kB	2023-03-08	2023-03-08
Pretty URL www.vcita.com/api/client_zones/k6wi53k9co66qjc4/account/active_engage_gate IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:50:08 Last Seen2023-03-08 04:50:08 Times Seen1 Hash 61be91deb9a2c6b64c1aff4c688c5787 fb3d838e5ad8bdfa66ca500528eebb4dcd9980ee f3dcaa507d7e3468a631cf76fb7fda9da1a8e92c2c2460f05bebd1fb4a0cf784 Loading...

	walls-electric.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js	1.2 kB	2023-03-07	2024-01-31
Pretty URL walls-electric.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-31 16:23:41 Times Seen37 Hash 02e2d3983e38c9bce62b5a450d8ef056 075d832d09eb6ec64df1205e5a23644c9657450c e45a2dc0c3d0072db0ad96e13e64a8ebabf7f36cd0cec49932117a6c2998931b Loading...

	walls-electric.com/	2.9 kB	2023-03-08	2023-03-08
Pretty URL walls-electric.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:50:08 Last Seen2023-03-08 04:50:08 Times Seen1 Hash 7548fa9c35c8c749c87fea76a5e1db57 a194742807ef547f0f9944f937196d1c1246163f bcd8e2b46b6e202a59c0c2f7f5a2c613f482efc66673a057d6923ab2273400d6 Loading...

	walls-electric.com/	74 B	2023-03-07	2024-01-05
Pretty URL walls-electric.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-05 14:28:13 Times Seen13 Hash 0ca1d59c845951c81df3723cf6e06509 77d9dd33d3dc07adc4608a84eccb29c836e0ec15 f298881955505374d260f5586d86a2ac4db77f061b0bf2ddadde8c7ce3dd9b41 Loading...

	walls-electric.com/	714 B	2023-03-08	2023-03-08
Pretty URL walls-electric.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:50:08 Last Seen2023-03-08 04:50:08 Times Seen1 Hash 814b3faef587145bd6514196638a5e8f 1b992ace0181ee2abb35e5bea0d125a0d8461265 2af307e0852e798bc2617604de2b4706a4912226ccb834b83213190f7f2b4e46 Loading...

	walls-electric.com/cms_websites/tools/GAEventTracking/js/scripts.min.js	1.0 kB	2023-03-07	2024-01-31
Pretty URL walls-electric.com/cms_websites/tools/GAEventTracking/js/scripts.min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-31 16:23:41 Times Seen37 Hash 880a1ec15331350293dc0001fddbdd05 8287010cbfd5bfa9d20b71c6320f91c0a73f0275 193eafafb10fe21b2fa8251fd5734649c077f9d19fa217fb19967189c96094ec Loading...

	ssl.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL ssl.google-analytics.com/ga.js IP 216.58.211.8 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194	14 kB	2023-03-07	2024-04-25
Pretty URL static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 06:01:23 Times Seen1634 Hash 19514b1be5ee33b45d32c1fcd4c67ec2 bdeab77b43cafcc638df9d7c26f1aa7f46bf1fd5 fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Loading...

	walls-electric.com/	775 B	2023-03-08	2023-03-08
Pretty URL walls-electric.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:50:08 Last Seen2023-03-08 04:50:08 Times Seen1 Hash 5968b8ddb30ac5c803e9a5fc54fade9e c828c8b67fcd1520857e101207dc9596ea196aef 6dcdc779269c222324bb34c03ff9829c6611bd17e4af040e7f0cce47dada036d Loading...

	walls-electric.com/	109 B	2023-03-08	2023-03-08
Pretty URL walls-electric.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:50:08 Last Seen2023-03-08 04:50:08 Times Seen1 Hash 40adc686dc0f3aef7f82e484c518d9ca bd750d3735c00850fe65af3c73a7ec9d5beb058a c7c9f27865917d75c4b40f0edbef0588dcd180eef15c49f7d64cb7fd8d0e1c37 Loading...

HTTP Transactions (61)

URL IP Response Size

www.walls-electric.com/

216.152.143.240

301 Moved Permanently

178 B

URL HTTP/1.1
www.walls-electric.com/
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 02 Oct 2022 22:05:20 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.walls-electric.com/

firefox.settings.services.mozilla.com/v1/

13.224.222.54

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
13.224.222.54:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 22:03:21 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5da47734f496c05ba90c546c024fb778.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: u5z5lRVcvfOFhYakvbBWQAc01rmKuyy4rs11wnS9gyJpkwrDFhH5rg==
Age: 119

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17882
Expires: Mon, 03 Oct 2022 03:03:22 GMT
Date: Sun, 02 Oct 2022 22:05:20 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

13.224.222.36

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
13.224.222.36:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 5da47734f496c05ba90c546c024fb778.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: GpfU-AilXgj0fKPzntSF_g2g34ZP95oDBrgsEN7YO1rfTFbQoe9Htg==
age: 66724
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 22:05:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a27b16d4ff142cab8dc7f2e1170915d5
4f54aa8b9e8c9af30681315b7dd450fe5a623093
7817d054761bbb96aad442749184bbfd388c3b434369bea7001ec3388dffd260

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7817D054761BBB96AAD442749184BBFD388C3B434369BEA7001EC3388DFFD260"
Last-Modified: Sun, 02 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Mon, 03 Oct 2022 04:05:09 GMT
Date: Sun, 02 Oct 2022 22:05:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

13.224.222.54

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
13.224.222.54:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 21:32:53 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 21:45:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 ec1080f781e2e3f66cbfcee94de754cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: VsIDMGAuz9IPXbzu52csVmjbztSLkPd7211gkOdSuukDEx-3cvcZAg==
Age: 1947

www.walls-electric.com/

216.152.143.240

301 Moved Permanently

0 B

URL HTTP/1.1
www.walls-electric.com/
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 02 Oct 2022 22:05:20 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://walls-electric.com/
Vary: Accept-Encoding
X-Varnish: 46492918 46679752
Age: 9
Via: 1.1 varnish (Varnish/5.2)

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5174
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:05:20 GMT
Last-Modified: Sun, 02 Oct 2022 20:39:06 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.161.231.36

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.231.36:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: T6wS3J9d+b8J4ZzhhwRTiw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Y5mQrlX6deJKrRGVNe2Z33H121M=

walls-electric.com/

216.152.143.240

200 OK

6.6 kB

URL HTTP/1.1
walls-electric.com/
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1376), with CRLF, LF line terminators
Size
6.6 kB (6634 bytes)
Hash
aa51abbd1d6c5acfde497532e2bb3d52
c40cbb404bb4e36efc9c6578a2eec405e82f7fa5
22efafc8c2019203ef61143a548cb671fe5d022b0c4d40e7cf24a08b8bd60403

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:05:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6634
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 284884935 285112036
Age: 12
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11

142.250.74.106

200 OK

7.3 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (28290)
Size
7.3 kB (7320 bytes)
Hash
29cec33e497be5e450f9703d98efca3b
4bcb24406115ca93d35ba145b78234b6f5e5d135
287e9a460040e8d091b9eb5381be54956185f293a41cadf7586ad05eaf23a012

HTTP Headers

GET /ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 07:21:44 GMT
expires: Sun, 01 Oct 2023 07:21:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
age: 139417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

walls-electric.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1

216.152.143.240

200 OK

56 kB

URL HTTP/1.1
walls-electric.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (728)
Size
56 kB (56186 bytes)
Hash
4ce8419dd86b6a5afdb3092d3edf13a6
ec5fd460e89093877ef40cddd5901c57ffd7662b
1947dcab523ba7cd472d16cec7c4edaac7d94969a5963d91102a956b08d951af

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1 HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:05:21 GMT
Content-Type: text/css
Content-Length: 56186
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 01:11:21 GMT
ETag: "8657d-5e939bd40a75a-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46688816
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

walls-electric.com/wp-includes/js/underscore.min.js?ver=1.8.3

216.152.143.240

200 OK

5.8 kB

URL HTTP/1.1
walls-electric.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (16194)
Size
5.8 kB (5822 bytes)
Hash
0de80519eb796dc06fa34efcf454c797
1274f536f1c2c51ad2b0c0f121da21cc43854ea5
059bc818c4f66d482fcd7a623fde7a0c66d9767f49a0fca0eed2fb4a6ccfdbf6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:05:21 GMT
Content-Type: application/javascript
Content-Length: 5822
Connection: keep-alive
Last-Modified: Fri, 27 Sep 2019 00:16:13 GMT
ETag: "401a-5937dcb42d8d7-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46558663 45604521
Age: 7947
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

walls-electric.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js

216.152.143.240

200 OK

465 B

URL HTTP/1.1
walls-electric.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (1164), with no line terminators
Size
465 B (465 bytes)
Hash
ae9e1ea6af46bf62a7469101eb4a8f55
e94958da3bfd259c99019190f6c4e449e0c16aee
bbf28048044a88f7b3f682c682dea0b058d7ff7e98daf046f6f161517e97fafa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:05:21 GMT
Content-Type: application/javascript
Content-Length: 465
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:34 GMT
ETag: "48c-5d727b339bba1-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 47022363 45667123
Age: 7872
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

walls-electric.com/cms_websites/cms_theme_custom_css.php?ver=248_11

216.152.143.240

200 OK

8.2 kB

URL HTTP/1.1
walls-electric.com/cms_websites/cms_theme_custom_css.php?ver=248_11
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (483)
Size
8.2 kB (8202 bytes)
Hash
c05d0dfcea1f6e110875ecc972c438b9
5585010fd9b27dec00ef7e1f313987860226be16
9a80711cca57c967f3bc834f3350f3c2b43aec81e86ce4ce772a16d704299f03

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/cms_theme_custom_css.php?ver=248_11 HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:05:21 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 8202
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46618040
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

walls-electric.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js

216.152.143.240

200 OK

24 kB

URL HTTP/1.1
walls-electric.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (31984)
Size
24 kB (24449 bytes)
Hash
df8cb58860540fe37f48ebdd01d4f7e2
7abdbe3fd4184ea1230dd6f35391778a0a79be88
a5e0db722a02983ddd7c0687cad6b966d7f5f842b80a4c510b390cc6441ee231

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:05:21 GMT
Content-Type: application/javascript
Content-Length: 24449
Connection: keep-alive
Last-Modified: Thu, 14 Apr 2022 01:14:56 GMT
ETag: "17d03-5dc93059ea4c5-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 47022365 45579622
Age: 7872
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

walls-electric.com/cms_websites/tools/GAEventTracking/js/scripts.min.js

216.152.143.240

200 OK

517 B

URL HTTP/1.1
walls-electric.com/cms_websites/tools/GAEventTracking/js/scripts.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (1015), with no line terminators
Size
517 B (517 bytes)
Hash
09a9e3bc0d18d851d1276481ed543c9e
87f953897b9f07e27e0b080a4320a9b78fc80167
9293803448e5928f3b09835cf60749954d6f5e303f176e63b988dc0079a744bb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/tools/GAEventTracking/js/scripts.min.js HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:05:21 GMT
Content-Type: application/javascript
Content-Length: 517
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:35 GMT
ETag: "3f7-5d727b3527792-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46836511 45670495
Age: 6590
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

walls-electric.com/cms_websites/js/external/scripts.js

216.152.143.240

200 OK

121 kB

URL HTTP/1.1
walls-electric.com/cms_websites/js/external/scripts.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (32077)
Size
121 kB (120679 bytes)
Hash
2b2400ce27b4d1d8ceca82bed3e8bad2
2ebaca6538cccffd5a042f53e46a18b2133acb9a
bd364f13dac56e31208849b685194592c91631fa41a8c396c5346417fccc47e7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/js/external/scripts.js HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:05:21 GMT
Content-Type: application/javascript
Content-Length: 120679
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:49 GMT
ETag: "634a9-5c189ea4b2d4d-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46742115 45780065
Age: 7947
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

walls-electric.com/files/2022/09/Logo.png

216.152.143.240

200 OK

26 kB

URL HTTP/1.1
walls-electric.com/files/2022/09/Logo.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 1258 x 408, 8-bit colormap, non-interlaced\012- data
Size
26 kB (26487 bytes)
Hash
5de049cf742bb74b9c8635288aa2b203
c0bc009ec37e11ed511e9622b72abd645265bd32
75641fba61ee57a2542366a923ac8fd4414785f4158830a817f81910628e75e6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/09/Logo.png HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:05:22 GMT
Content-Type: image/png
Content-Length: 26487
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 19:24:07 GMT
ETag: "7639e974374e4f0e1f04d42a27977cb6"
Expires: Wed, 03 Dec 2025 07:52:02 GMT
Vary: Accept-Encoding
X-Varnish: 46618071
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:05:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:05:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.195

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://walls-electric.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:32:09 GMT
expires: Thu, 28 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 354793
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.195

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://walls-electric.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:30:59 GMT
expires: Thu, 28 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 354863
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

walls-electric.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif

216.152.143.240

200 OK

1.6 kB

URL HTTP/1.1
walls-electric.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
gzip compressed data, max compression\012- data
Size
1.6 kB (1635 bytes)
Hash
ba75a046539d171930796f9716eed3a4
5ea6308d72651bc0f4ab33626e6bfa175f612ea2
d9ae852f3ee0d565f8e794ad29d23b03f6ea7b47a681c891e7caa2dcfb874a8c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/cms_websites/cms_theme_custom_css.php?ver=248_11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:05:22 GMT
Content-Type: image/gif
Content-Length: 1097
Connection: keep-alive
Last-Modified: Fri, 11 Oct 2013 16:05:10 GMT
ETag: "449-4e87948635980"
Vary: Accept-Encoding
X-Varnish: 285412166 284241030
Age: 6587
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:05:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

walls-electric.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js

216.152.143.240

200 OK

433 kB

URL HTTP/1.1
walls-electric.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (65350)
Size
433 kB (432702 bytes)
Hash
aa24aa3a0a9984210198ac91297db647
2108d2f01c37149228877a9672d866c08f5daee6
ce55bf8849d63b8767c7fd032fb9277ffec0bb103ca26ad3b66b330208f3855f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:05:21 GMT
Content-Type: application/javascript
Content-Length: 432702
Connection: keep-alive
Last-Modified: Fri, 12 Jun 2020 00:07:25 GMT
ETag: "11e248-5a7d7dcacc8e5-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46688851 46076704
Age: 6590
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

walls-electric.com/files/2022/09/DL.jpg

216.152.143.240

200 OK

133 kB

URL HTTP/1.1
walls-electric.com/files/2022/09/DL.jpg
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1500x794, components 3\012- data
Size
133 kB (132804 bytes)
Hash
48ee448a2bf308aa4c4c67206466345e
7f451f437fb1b8c26b45ebcd7d1fff77aa4db82b
86603e7c4362c9ad1703802417dadd6a1b624eeb3cb08387a2847484c73faf95

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/09/DL.jpg HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/cms_websites/cms_custom_css.php?ver=248_11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:05:22 GMT
Content-Type: image/jpeg
Content-Length: 132804
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 18:36:16 GMT
ETag: "35037c898205f851b0fbc02051cd2153"
Expires: Wed, 03 Dec 2025 06:02:11 GMT
Vary: Accept-Encoding
X-Varnish: 47022374 46074989
Age: 6591
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

walls-electric.com/cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048

216.152.143.240

200 OK

16 kB

URL HTTP/1.1
walls-electric.com/cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, tsi-cms \012- data
Size
16 kB (16112 bytes)
Hash
d7e0105a1d89d3a302e09d50c6d808c9
34eb40751fb3f70ffbae2f4270eb73b54349d982
cab4658b86b05ecfabd81a7f07837ff0d3a38cad66972bc583b7c3b1e1eb00ad

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048 HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:05:22 GMT
Content-Type: application/font-sfnt
Content-Length: 16112
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:42 GMT
ETag: "3ef0-5e8acea0cc45e"
Vary: Accept-Encoding
X-Varnish: 46522064 46075008
Age: 6590
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7020
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:05:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7020
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:05:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7020
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:05:22 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb7e3592-97bd-498d-bf7f-2c5bb0fc867b.jpeg

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb7e3592-97bd-498d-bf7f-2c5bb0fc867b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6983 bytes)
Hash
91079e915678800d2e2e1f68415d5dc4
2d543d6b1bed9901437c3b880bd415ece354cbf7
b9bda55eef23a199fff3bd3fde22486ef4d50edd36b105b0ee13479b96c2ba22

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb7e3592-97bd-498d-bf7f-2c5bb0fc867b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6983
x-amzn-requestid: e551848c-073a-4317-8841-1fc5fd8a38c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWb3EGdoAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044b-6c6a638527bb19f621cd40b1;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dovur2A7-Vx80FdqmWlJZDBBKnAqX0t9FYOIaqikEumI9bebg171KQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
etag: "2d543d6b1bed9901437c3b880bd415ece354cbf7"
content-type: image/jpeg
age: 1195
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7020
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:05:22 GMT
Connection: keep-alive

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6321 bytes)
Hash
8bb7613964aef696917cb85a6d0bcac4
89ce0e6d742144439a96ace034adae4e7e167311
24b100b10aa041effad83e9379447f4f62d95dcf6eb27a6b093a7caaa484f964

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6321
x-amzn-requestid: 605adeca-4345-4481-999e-d50ebc123767
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabGsgIAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-68542d1b56697ab33dd63941;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xZUu90wyCNVEexHxRRNQz0aDhNy_u0WC2v8TVxHkQvW-evaDwfKTtQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
etag: "89ce0e6d742144439a96ace034adae4e7e167311"
content-type: image/jpeg
age: 1195
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9083 bytes)
Hash
523edd86af4757d0bc5fa5b3b8a3596a
8118ee462077c291b9d6f1402b85b55a9ceba8c2
c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _JxPe8uPQIgRKoJxtJAKjXpVy1hCW0rFcs8K_erJOHbVNpw339Pz6w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 1195
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8158 bytes)
Hash
721a8d8f94c3796abf021978fcdbc831
3fc3aeae907a0ce0db21753c67c1000681e48b8e
cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AM8Ox9ObWGoXI-QnnoI7QkY5mOh8j6xBPetTrhyVktVO40ekk4X2Eg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 1195
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6315 bytes)
Hash
206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 62662
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:05:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ssl.google-analytics.com/ga.js

216.58.211.8

200 OK

17 kB

URL HTTP/2
ssl.google-analytics.com/ga.js
IP
216.58.211.8:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sun, 02 Oct 2022 20:29:20 GMT
expires: Sun, 02 Oct 2022 22:29:20 GMT
cache-control: public, max-age=7200
age: 5762
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

walls-electric.com/cms_websites/img/tsm-favicon.ico

216.152.143.240

200 OK

32 kB

URL HTTP/1.1
walls-electric.com/cms_websites/img/tsm-favicon.ico
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
32 kB (32038 bytes)
Hash
c7f1c4f34424d5247f9a2a24f3e2372c
247102bcd8a2a36f1dfa16a652002ade82ffa1b0
ed829bc8a78f82c88e5d0bcfb368a9f714b6c758b0354b057f9e083dfa4ddd6b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/img/tsm-favicon.ico HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:05:22 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 32038
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 19:18:29 GMT
ETag: "7d26-59379a27986df"
Vary: Accept-Encoding
X-Varnish: 46618091
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

walls-electric.com/cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif

216.152.143.240

302 Found

0 B

URL HTTP/1.1
walls-electric.com/cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx
Date: Sun, 02 Oct 2022 22:05:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://walls-electric.com
Vary: Accept-Encoding
X-Varnish: 46714465 46110626
Age: 6590
Via: 1.1 varnish (Varnish/5.2)

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:05:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

400 Bad Request

3 B

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
fcc3d7489d15ef49dbbf735234234cf7
654e0aaee80e38636c503629d32225db31a616de
52109349dabf69106e04ec2f493fb8b6ade94ea100227cccce6559ab8b96553f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 400 Bad Request
server: nginx
date: Sun, 02 Oct 2022 22:05:22 GMT
content-type: application/json
content-length: 3
x-amzn-requestid: fcefd5f8-d636-4fef-88e4-ec6db7d4efa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZaQfGwQIAMF0Bw=
cache-control: max-age=120,public
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0a69-73aababa1a8450b7687552d4;Sampled=0
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Error from cloudfront
x-amz-cf-id: cQWWMYcg_PIpfh64JR14gBQT6ZQvSikv0jDsS-IbytLpRjBBnU8Ejw==
age: 84
via: 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif&resize=w450

34.120.237.76

200 OK

1 B

URL HTTP/2
img-getpocket.cdn.mozilla.net/direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif&resize=w450
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

HTTP Headers

GET /direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif&resize=w450 HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 1
x-amzn-requestid: e07bcab1-4238-4f19-bd9f-5c13df7d377f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWamH3tIAMFzbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0443-074d95046d062c2475ab5efb;Sampled=0
x-amzn-remapped-date: 
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5YU9gPtzbBt1JHoOo05mPgE4n4VPzMcFzGczDf49M3vsULsxlD_4oQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:42:47 GMT
age: 1355
etag: 
content-type: application/x-empty; charset=binary
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

walls-electric.com/

216.152.143.240

200 OK

6.6 kB

URL HTTP/1.1
walls-electric.com/
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1376), with CRLF, LF line terminators
Size
6.6 kB (6634 bytes)
Hash
aa51abbd1d6c5acfde497532e2bb3d52
c40cbb404bb4e36efc9c6578a2eec405e82f7fa5
22efafc8c2019203ef61143a548cb671fe5d022b0c4d40e7cf24a08b8bd60403

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: walls-electric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://walls-electric.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Connection: keep-alive
Cookie: __utma=174765476.544665616.1664748322.1664748322.1664748322.1; __utmb=174765476.2.10.1664748322; __utmc=174765476; __utmz=174765476.1664748322.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:05:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6634
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 46492979 46521784
Age: 11
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a11c374c4fca1bc9ec953ce2e0d47d69
2c87eb9f5cb5c61deb08c5361ee2b93a9f9c15bd
2a8cbf3213023d230c716f6d0e3bd8fa42f7c0d81e69680af7e1660a4a271e6c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 637
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:05:22 GMT
Last-Modified: Sun, 02 Oct 2022 21:54:46 GMT
Server: ECS (amb/6B73)
X-Cache: HIT
Content-Length: 279

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://walls-electric.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 18:53:39 GMT
expires: Tue, 26 Sep 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 529904
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

c15117557.ssl.cf2.rackcdn.com/avatar/image/925681/normal_dw15nd4vforlfhbieqi9kfshctgjbxba.png

23.38.200.148

200 OK

4.9 kB

URL HTTP/1.1
c15117557.ssl.cf2.rackcdn.com/avatar/image/925681/normal_dw15nd4vforlfhbieqi9kfshctgjbxba.png
IP
23.38.200.148:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 108 x 108, 8-bit gray+alpha, non-interlaced\012- data
Size
4.9 kB (4856 bytes)
Hash
e19ce16fbe9c47373abde69881b3c92b
518d579c98e8ade07bfb94604d910a10361daa11
941cf7aa0f6a0ae223f0b60674258437fe6650f9684b0817ad357ad21a308099

HTTP Headers

GET /avatar/image/925681/normal_dw15nd4vforlfhbieqi9kfshctgjbxba.png HTTP/1.1
Host: c15117557.ssl.cf2.rackcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 4856
Accept-Ranges: bytes
Last-Modified: Wed, 14 Sep 2022 19:05:51 GMT
ETag: e19ce16fbe9c47373abde69881b3c92b
X-Timestamp: 1663182350.12196
Content-Type: image/png
X-Trans-Id: tx519738cad1c8412f95703-00633a0b23ord1
Cache-Control: public, max-age=259200
Expires: Wed, 05 Oct 2022 22:05:23 GMT
Date: Sun, 02 Oct 2022 22:05:23 GMT
Connection: keep-alive

d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/livesite-icons/icomoon.woff?-rdmvgd

13.224.227.221

200 OK

66 kB

URL HTTP/2
d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/livesite-icons/icomoon.woff?-rdmvgd
IP
13.224.227.221:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 65516, version 1.0\012- data
Size
66 kB (65516 bytes)
Hash
db122b8081b800020ab23b71c1214b92
eda21764b8506036b5f911e596532784dc25dbae
fafcb0376b5e95ad63601b2cfc30db87a9ed0f6be6efcc611327f885c8130aa2

HTTP Headers

GET /assets/css/icomoon/fonts/livesite-icons/icomoon.woff?-rdmvgd HTTP/1.1
Host: d2ra6nuwn69ktl.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://walls-electric.com
Connection: keep-alive
Referer: https://d2ra6nuwn69ktl.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 65516
date: Sun, 02 Oct 2022 22:05:24 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 02 Oct 2022 16:57:07 GMT
etag: "db122b8081b800020ab23b71c1214b92"
x-amz-version-id: fyAJyNZam6KRMBWMRTXQo9fU5I.DclbH
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 3bfef3b67836f5c4e0ad0bd80a8be8da.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: PhRLE7VeoRIgcG3pUsUjhmG6ei8zSz9s0iRFTIYnTJ5Y25w7Kj5HyA==
X-Firefox-Spdy: h2

d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/icomoon.woff?84yycz

13.224.227.221

200 OK

18 kB

URL HTTP/2
d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/icomoon.woff?84yycz
IP
13.224.227.221:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 18204, version 0.0\012- data
Size
18 kB (18204 bytes)
Hash
5906d6e34193a2fd84132c877ce62b6a
b0a315bacee76f22cff2ce31754afe2430f71441
dfd2ecd12c5576aa486d2e5edc94db9e3c44259b70a139bf79b807bb6638901b

HTTP Headers

GET /assets/css/icomoon/fonts/icomoon.woff?84yycz HTTP/1.1
Host: d2ra6nuwn69ktl.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://walls-electric.com
Connection: keep-alive
Referer: https://d2ra6nuwn69ktl.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 18204
date: Sun, 02 Oct 2022 22:05:25 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 02 Oct 2022 16:57:07 GMT
etag: "5906d6e34193a2fd84132c877ce62b6a"
x-amz-version-id: xiIfpz2CLVaoZY1IX6BDlRD2Iikd3TH.
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 3bfef3b67836f5c4e0ad0bd80a8be8da.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: AiCoMyti1A6RAOorTH-rBslvdZhVWbOMI7PYvx15Xewqtz3hBLKO0w==
X-Firefox-Spdy: h2

d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1664748

13.224.227.221

200 OK

0 B

URL HTTP/2
d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1664748
IP
13.224.227.221:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/livesite.js?1664748 HTTP/1.1
Host: d2ra6nuwn69ktl.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Sep 2022 11:44:43 GMT
x-amz-version-id: rtk4CqouCAHVt1O7djtzhvbO7X9uQsYK
server: AmazonS3
content-encoding: gzip
date: Sun, 02 Oct 2022 20:35:03 GMT
etag: W/"f2d115cea54c6a011c4c9d3abd56e8ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3bfef3b67836f5c4e0ad0bd80a8be8da.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: v5wYbK9zjlNjegmU-Cqn_mFQ0_dfFhPwWvR7RALdcpbyEu5SiviBSQ==
age: 5501
X-Firefox-Spdy: h2

d2ra6nuwn69ktl.cloudfront.net/assets/livesite.css?1664748

13.224.227.221

200 OK

0 B

URL HTTP/2
d2ra6nuwn69ktl.cloudfront.net/assets/livesite.css?1664748
IP
13.224.227.221:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/livesite.css?1664748 HTTP/1.1
Host: d2ra6nuwn69ktl.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Sun, 02 Oct 2022 00:13:11 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Sep 2022 11:44:43 GMT
etag: W/"b431455f98e64a9a5dc2de77b831d129"
x-amz-version-id: FMyiKae3A4_eXeUZCuEa_iKC4cso1sM2
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3bfef3b67836f5c4e0ad0bd80a8be8da.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: hPi8zo96Q7sc0mIM8R-ZxMoNtlGdSYSTDdBlr3yKTFEAYwgTpdjqnw==
age: 78732
X-Firefox-Spdy: h2

www.vcita.com/widgets/active_engage/configuration?id=k6wi53k9co66qjc4&callback=jQuery111107227923245965482_1664748322518&_=1664748322519

104.18.3.196

200 OK

0 B

URL HTTP/2
www.vcita.com/widgets/active_engage/configuration?id=k6wi53k9co66qjc4&callback=jQuery111107227923245965482_1664748322518&_=1664748322519
IP
104.18.3.196:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widgets/active_engage/configuration?id=k6wi53k9co66qjc4&callback=jQuery111107227923245965482_1664748322518&_=1664748322519 HTTP/1.1
Host: www.vcita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:05:23 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
status: 200 OK
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
x-ua-compatible: IE=Edge,chrome=1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
x-request-id: d6fcad5667972e12cb49fede60fbca18
x-runtime: 0.082034
x-rack-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: source_referrer=https%3A%2F%2Fwalls-electric.com%2F; path=/
app_attribution_params=%5B%7B%22source_referrer%22%3A%22https%3A%2F%2Fwalls-electric.com%2F%22%2C%22time_stamp%22%3A%222022-10-02T22%3A05%3A23%2B00%3A00%22%7D%5D; domain=www.vcita.com; path=/; expires=Sat, 02-Oct-2032 22:05:23 GMT
____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJWIyNTQxOTZlZGMwZWU4ZWViMTg4MWY4YTA0M2UwNDFkBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiBodHRwczovL3dhbGxzLWVsZWN0cmljLmNvbS8GOwBG--e1bfae071b8836f8831db1d19c9840952bb4852e; domain=.vcita.com; path=/; SameSite=None; expires=Thu, 01-Dec-2022 22:05:23 GMT; secure; HttpOnly
_cfuvid=SDMlVXBmEnyUR83Xy.ej52h5V_d0IGK6UGWtcD8YPvM-1664748323389-0-604800000; path=/; domain=.www.vcita.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7540bd39ba0c1c12-OSL
X-Firefox-Spdy: h2

www.vcita.com/cdn-cgi/rum?

104.18.3.196

200 OK

0 B

URL HTTP/2
www.vcita.com/cdn-cgi/rum?
IP
104.18.3.196:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.vcita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1425
Origin: https://www.vcita.com
Connection: keep-alive
Referer: https://www.vcita.com/api/client_zones/k6wi53k9co66qjc4/account/active_engage_gate
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJWIyNTQxOTZlZGMwZWU4ZWViMTg4MWY4YTA0M2UwNDFkBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiBodHRwczovL3dhbGxzLWVsZWN0cmljLmNvbS8GOwBG--e1bfae071b8836f8831db1d19c9840952bb4852e; _cfuvid=SDMlVXBmEnyUR83Xy.ej52h5V_d0IGK6UGWtcD8YPvM-1664748323389-0-604800000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:05:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.vcita.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7540bd3efeaa1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

www.vcita.com/tr_pics/i?p=1979208&o=bG9hZGVy

104.18.3.196

200 OK

0 B

URL HTTP/2
www.vcita.com/tr_pics/i?p=1979208&o=bG9hZGVy
IP
104.18.3.196:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tr_pics/i?p=1979208&o=bG9hZGVy HTTP/1.1
Host: www.vcita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJWIyNTQxOTZlZGMwZWU4ZWViMTg4MWY4YTA0M2UwNDFkBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiBodHRwczovL3dhbGxzLWVsZWN0cmljLmNvbS8GOwBG--e1bfae071b8836f8831db1d19c9840952bb4852e; _cfuvid=SDMlVXBmEnyUR83Xy.ej52h5V_d0IGK6UGWtcD8YPvM-1664748323389-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:05:23 GMT
content-type: image/gif
status: 200 OK
cache-control: must-revalidate, no-cache, no-store, private, max-age=0
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-disposition: inline
content-transfer-encoding: binary
x-ua-compatible: IE=Edge,chrome=1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
set-cookie: app_attribution_params=%5B%7B%22source_referrer%22%3A%22https%3A%2F%2Fwalls-electric.com%2F%22%2C%22time_stamp%22%3A%222022-10-02T22%3A05%3A23%2B00%3A00%22%7D%5D; domain=www.vcita.com; path=/; expires=Sat, 02-Oct-2032 22:05:23 GMT
____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJWIyNTQxOTZlZGMwZWU4ZWViMTg4MWY4YTA0M2UwNDFkBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiBodHRwczovL3dhbGxzLWVsZWN0cmljLmNvbS8GOwBG--e1bfae071b8836f8831db1d19c9840952bb4852e; domain=.vcita.com; path=/; SameSite=None; expires=Thu, 01-Dec-2022 22:05:23 GMT; secure; HttpOnly
x-request-id: f4fbffff81b780ab540d9e31a82a4871
x-runtime: 0.018843
x-rack-cache: miss
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7540bd3d8d931c12-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Source+Sans+Pro%3A400%2C700&ver=248_11 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://walls-electric.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 22:05:21 GMT
date: Sun, 02 Oct 2022 22:05:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL