Report - carretoelectricca.com/

Report Overview

Submitted URL
carretoelectricca.com/
IP
216.152.143.240
ASN
#13768 COGECO-PEER1
Submitted
2022-10-24 21:14:37
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	594 B	127 B	35.162.110.205
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	61 kB	34.120.237.76
ssl.google-analytics.com	275	2012-10-02T06:58:30Z	2023-03-10T14:13:17Z	359 B	18 kB	142.250.74.40
carretoelectricca.com	unknown			11 kB	2.1 MB	216.152.143.240
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.6 kB	5.6 kB	142.250.74.35
use.typekit.net	494	2012-07-05T03:42:39Z	2023-03-10T05:27:57Z	1.5 kB	25 kB	23.36.76.186
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	413 B	746 B	142.250.74.10
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	401 B	5.9 kB	34.160.144.191
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-10T14:01:59Z	435 B	8.4 kB	142.250.74.138
static.cloudflareinsights.com	1294	2019-09-24T16:34:56Z	2023-03-10T13:32:49Z	439 B	393 B	104.16.56.101
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T13:37:03Z	1.0 kB	45 kB	216.58.207.195
d2ra6nuwn69ktl.cloudfront.net	unknown	2020-12-16T22:42:09Z	2023-03-09T02:58:07Z	1.8 kB	155 kB	143.204.42.162
www.vcita.com	65076	2012-05-21T15:44:40Z	2023-03-09T14:59:49Z	3.6 kB	3.8 kB	104.18.3.196
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	758 B	2.8 kB	143.204.55.27
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.77.32
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	658 B	1.4 kB	93.184.220.29
secure.adnxs.com	396	2012-05-22T18:37:37Z	2023-03-10T05:19:42Z	1.5 kB	3.2 kB	185.89.211.116
p.typekit.net	620	2012-05-23T16:28:57Z	2023-03-10T05:27:57Z	429 B	357 B	23.36.76.186

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed
2022-10-24	medium	carretoelectricca.com	Sinkholed

JavaScript (19)

	URL	Size	First Seen	Last Seen
	carretoelectricca.com/	108 B	2023-03-10	2023-03-10
Pretty URL carretoelectricca.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:31:04 Last Seen2023-03-10 14:31:04 Times Seen1 Hash 0f800094d002f9287217bd5ea82a0251 a621e560f9fe74daca81e99f5f3501145485c98e 69d9536592a6e285ff3902398f776e044711a5f29d2a70e7b9c3d4c1fbad286c Loading...

	carretoelectricca.com/	713 B	2023-03-10	2023-03-10
Pretty URL carretoelectricca.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:31:04 Last Seen2023-03-10 14:31:04 Times Seen1 Hash 9d042453d5cb98f30d79e007f0e8a0cc 7c136de373ecc1bf4b4329794a8bc8a709056091 104645b33c9ae24e5745a81b798561e3aa6edded4051f9ac9b8bbb7d0961aa09 Loading...

	carretoelectricca.com/cms_websites/tools/GAEventTracking/js/scripts.min.js	1.0 kB	2023-03-07	2024-01-31
Pretty URL carretoelectricca.com/cms_websites/tools/GAEventTracking/js/scripts.min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-31 16:23:41 Times Seen37 Hash 880a1ec15331350293dc0001fddbdd05 8287010cbfd5bfa9d20b71c6320f91c0a73f0275 193eafafb10fe21b2fa8251fd5734649c077f9d19fa217fb19967189c96094ec Loading...

	carretoelectricca.com/	2.9 kB	2023-03-10	2023-03-10
Pretty URL carretoelectricca.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:31:04 Last Seen2023-03-10 14:31:04 Times Seen1 Hash 8f7fb67e55b1b9a597328b09bcd8736c 69bfc0baee2954fa4960f29a29fbfe72dea6651b 9c576b8edd3a36ccdcf4e537bfd2c65c0ca83acea9a8d86860d80410e1a887a4 Loading...

	www.vcita.com/widgets/active_engage/configuration?id=f2zoz3c7sx2i8m0m&callback=jQuery111101774415974105713_1666646067149&_=1666646067150	3.0 kB	2023-03-10	2023-03-10
Pretty URL www.vcita.com/widgets/active_engage/configuration?id=f2zoz3c7sx2i8m0m&callback=jQuery111101774415974105713_1666646067149&_=1666646067150 IP 104.18.3.196 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:31:04 Last Seen2023-03-10 14:31:04 Times Seen1 Hash a5c36255b2d8834f27b9c54e66cbb252 a0016d5ed713d3b8fb6040ed4136d7e0d4a3b82b ed6960fc992358985f564d12e38dfed9b49e73aa34f5243b186d9cfcf538d455 Loading...

	www.vcita.com/api/client_zones/f2zoz3c7sx2i8m0m/account/active_engage_gate	1.5 kB	2023-03-10	2023-03-10
Pretty URL www.vcita.com/api/client_zones/f2zoz3c7sx2i8m0m/account/active_engage_gate IP 104.18.3.196 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:31:04 Last Seen2023-03-10 14:31:04 Times Seen1 Hash e461c4a557944c09aacc1bb364963bd8 d5ecdebf04f8a2d486098bdb050905b6cc5ae6ec 7827af0f4fd6219f046cdc6aaf70e567e0e923eb14e8ab0a2b8b194b4d30680c Loading...

	carretoelectricca.com/cms_websites/js/external/scripts.js	407 kB	2023-03-07	2023-03-14
Pretty URL carretoelectricca.com/cms_websites/js/external/scripts.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-14 06:47:02 Times Seen1 Hash 4a577c9981aa1b4382753aad507b39c6 88544dd831c5b7d15c9864813bfa85b90538afe3 f6e0a49a81916892daf64a97d9ccc1230323161ed2b6b1815eb174e4fe2d6c78 Loading...

	carretoelectricca.com/wp-includes/js/underscore.min.js?ver=1.8.3	16 kB	2023-03-07	2024-04-22
Pretty URL carretoelectricca.com/wp-includes/js/underscore.min.js?ver=1.8.3 IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:25 Last Seen2024-04-22 17:35:36 Times Seen1233 Hash 6a3a434a1360cc744341e97de9177bc6 d110825c3252a677ce8b6fd81cd2eda0201e4e1b 4f5b2528815d8b1cd9b68b1a4bb1fe689696f8dcbc2c4a5104343b886ee68828 Loading...

	carretoelectricca.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js	1.2 MB	2023-03-07	2024-04-22
Pretty URL carretoelectricca.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-22 06:49:03 Times Seen182 Hash 1011064a70f679eaaef8d6988d6cc493 5198abb91179ff6171ec60e54366138a06e7068f 2b36622b2d03598b27c0c17e5f50ef427810dbf17117b305dc57fbd97729b8fb Loading...

	secure.adnxs.com/px?id=1625496&t=1	0 B	2023-03-07	2024-04-26
Pretty URL secure.adnxs.com/px?id=1625496&t=1 IP 185.89.211.116 ASN #29990 ASN-APPNEX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 14:16:50 Times Seen37093000 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	carretoelectricca.com/	777 B	2023-03-10	2023-03-10
Pretty URL carretoelectricca.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:31:04 Last Seen2023-03-10 14:31:04 Times Seen1 Hash 47886f125fd04f0e3cf3f82eb0fdbf13 012a7ecd401e9727972e7d4dbec995db73c68075 ed9342f568b2c195f2dc136a711d809226f62f988ecf5be0c49b1f1849341df6 Loading...

	static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194	14 kB	2023-03-07	2024-04-26
Pretty URL static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP 104.16.56.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 05:43:44 Times Seen1638 Hash 19514b1be5ee33b45d32c1fcd4c67ec2 bdeab77b43cafcc638df9d7c26f1aa7f46bf1fd5 fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Loading...

	carretoelectricca.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js	112 kB	2023-03-08	2023-03-14
Pretty URL carretoelectricca.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:17:42 Last Seen2023-03-14 02:13:04 Times Seen1 Hash 0bb48436415cba2996e470310a6f4c90 9157393fc11d20e28658dfe0048dc5e52f25d12a ff92e6200db3d6f955cfff99556bc2b8e205d11aecac4d1284e2e0e2f92b09e5 Loading...

	d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1666646	183 kB	2023-03-07	2023-04-07
Pretty URL d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1666646 IP 143.204.42.162 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:33 Last Seen2023-04-07 03:36:33 Times Seen8 Hash f2d115cea54c6a011c4c9d3abd56e8ec 0302243ae2b62f1c41277bad4421ab033b2527b4 59178178a08480bfad9e7ac7ddc7097367f0fbb152c964ba0a93dd25a56a9596 Loading...

	www.vcita.com/api/client_zones/f2zoz3c7sx2i8m0m/account/active_engage_gate	462 B	2023-03-07	2023-03-29
Pretty URL www.vcita.com/api/client_zones/f2zoz3c7sx2i8m0m/account/active_engage_gate IP 104.18.3.196 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:06 Last Seen2023-03-29 22:55:29 Times Seen5 Hash 21ada8b35a2b728a90b131bc4b7f6940 c11585509f5eec0d5678acb31e7a8a1fe76b9371 fa4f94d472a3c952d6593f9a478ac61dd249b354aa6ad2fb585a8c3a7c007a0e Loading...

	carretoelectricca.com/	74 B	2023-03-07	2024-01-05
Pretty URL carretoelectricca.com/ IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-05 14:28:13 Times Seen13 Hash 0ca1d59c845951c81df3723cf6e06509 77d9dd33d3dc07adc4608a84eccb29c836e0ec15 f298881955505374d260f5586d86a2ac4db77f061b0bf2ddadde8c7ce3dd9b41 Loading...

	ssl.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL ssl.google-analytics.com/ga.js IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	www.vcita.com/api/client_zones/f2zoz3c7sx2i8m0m/account/active_engage_gate	62 B	2023-03-07	2023-03-29
Pretty URL www.vcita.com/api/client_zones/f2zoz3c7sx2i8m0m/account/active_engage_gate IP 104.18.3.196 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:06 Last Seen2023-03-29 22:55:29 Times Seen5 Hash fef4af331a49aca875fbef75dcec098a 942010abdd57b7c42321806e4fd1f2de152b1c21 e9326832d95643751315c220806fb08a36146c3d871ed3b4852d3c8adb598dc4 Loading...

	carretoelectricca.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js	1.2 kB	2023-03-07	2024-01-31
Pretty URL carretoelectricca.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-31 16:23:41 Times Seen37 Hash 02e2d3983e38c9bce62b5a450d8ef056 075d832d09eb6ec64df1205e5a23644c9657450c e45a2dc0c3d0072db0ad96e13e64a8ebabf7f36cd0cec49932117a6c2998931b Loading...

HTTP Transactions (76)

URL IP Response Size

carretoelectricca.com/

216.152.143.240

301 Moved Permanently

178 B

URL HTTP/1.1
carretoelectricca.com/
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 24 Oct 2022 21:14:25 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://carretoelectricca.com/

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
cd8d0809aa5948f2a6ee41d2158861af
098cd24ac587cdc70137af412678526de4d43969
88e6741d6bf076bf7132c7cf98456702cc775476095aafd839888edff52fb03e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Alert, Retry-After, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 24 Oct 2022 20:53:04 GMT
Expires: Mon, 24 Oct 2022 21:02:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -SfM2EStBYjx6wn1Pw6_qfzI-2R8An-EgGauH-0c9O7ru3yFKFr_RA==
Age: 1281

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4094
Expires: Mon, 24 Oct 2022 22:22:39 GMT
Date: Mon, 24 Oct 2022 21:14:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cecd3b2e0cd07173ee1fb63b0a744119
774e0935fffd5bb39799c040098e32c3dc88702f
78c2c60f2d752f572f1711e23aa3f82d5e5bce1940064405f6f989886f6315df

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78C2C60F2D752F572F1711E23AA3F82D5E5BCE1940064405F6F989886F6315DF"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8084
Expires: Mon, 24 Oct 2022 23:29:09 GMT
Date: Mon, 24 Oct 2022 21:14:25 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: WyOVRjhna/PNC0EZzs2dwxtRWvlfUdJPYz4KbP9PFQWLV6mtY7Z9iNAnfYyQXIuhSYEhWpdUPuQSe6Cfa809eA==
x-amz-request-id: MJ0NF15AS54YRR30
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 24 Oct 2022 20:38:31 GMT
age: 2154
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 21:14:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eb72b97431c216f7260438b2437a9009
8c84629a03bbb718c826349bede902f598b43b92
9411962775ea43d4a90fe7315e16ae6079e7b5b2502c0911377ef4aab6753373

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9411962775EA43D4A90FE7315E16AE6079E7B5B2502C0911377EF4AAB6753373"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Tue, 25 Oct 2022 03:14:11 GMT
Date: Mon, 24 Oct 2022 21:14:26 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 24 Oct 2022 20:33:32 GMT
Expires: Mon, 24 Oct 2022 20:58:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dY20gG7y2emgyPekeH8Rr_jrjsa2rlmMf0LrLl_NsN9ih4wGwJ_dpg==
Age: 2454

carretoelectricca.com/

216.152.143.240

200 OK

7.4 kB

URL HTTP/1.1
carretoelectricca.com/
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1067), with CRLF, LF line terminators
Size
7.4 kB (7442 bytes)
Hash
2241710766fbb5454ac616bbed611853
94f5279874cc5ec6ec228c55fa2dcedfdb09e842
d1439d915124b7d849f3d181aed7ea6cc3ae0c778262afc75dad41df161d61b3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:26 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7442
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 120777141 120775071
Age: 247
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:14:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:14:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11

142.250.74.138

200 OK

7.3 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (28290)
Size
7.3 kB (7320 bytes)
Hash
29cec33e497be5e450f9703d98efca3b
4bcb24406115ca93d35ba145b78234b6f5e5d135
287e9a460040e8d091b9eb5381be54956185f293a41cadf7586ad05eaf23a012

HTTP Headers

GET /ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 09:54:40 GMT
expires: Thu, 19 Oct 2023 09:54:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 472786
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7c6fdc8e76ef5875b5c965ade2df503e
45d548aa2a9d7ede163743274790700878eaea62
d2ff6eacd48af4892a2642e5d7bb925ca683062139f5a5cb4047f6f706830618

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6169
Cache-Control: max-age=131708
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:14:26 GMT
Etag: "63564795-1d7"
Expires: Wed, 26 Oct 2022 09:49:34 GMT
Last-Modified: Mon, 24 Oct 2022 08:06:45 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

secure.adnxs.com/seg?add=31445520&t=1

185.89.211.116

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/seg?add=31445520&t=1
IP
185.89.211.116:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /seg?add=31445520&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 24 Oct 2022 21:14:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31445520%26t%3D1
AN-X-Request-Uuid: 3a1bad6b-293e-4fa3-8639-3241405bbcab
Set-Cookie: uuid2=4116624390717104422; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 22-Jan-2023 21:14:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

secure.adnxs.com/px?id=1625496&t=1

185.89.211.116

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/px?id=1625496&t=1
IP
185.89.211.116:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px?id=1625496&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 24 Oct 2022 21:14:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1625496%26t%3D1
AN-X-Request-Uuid: 127e655f-7840-45a9-9824-09656e6acff4
Set-Cookie: uuid2=4716876758733651815; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 22-Jan-2023 21:14:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:14:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:14:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31445520%26t%3D1

185.89.211.116

200 OK

0 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31445520%26t%3D1
IP
185.89.211.116:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fseg%3Fadd%3D31445520%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carretoelectricca.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 24 Oct 2022 21:14:26 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 7370282a-041c-4e76-ba0d-883116ea73c0
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2ImKDI5Gn!@wnf-Te9(>wL5L!!'FM$aoBB; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 22-Jan-2023 21:14:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

secure.adnxs.com/bounce?%2Fpx%3Fid%3D1625496%26t%3D1

185.89.211.116

200 OK

0 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1625496%26t%3D1
IP
185.89.211.116:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fpx%3Fid%3D1625496%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carretoelectricca.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 24 Oct 2022 21:14:26 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 58539feb-2bb6-4d7c-8afa-224c36ebfcc2
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

carretoelectricca.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1

216.152.143.240

200 OK

56 kB

URL HTTP/1.1
carretoelectricca.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (728)
Size
56 kB (56436 bytes)
Hash
5171c5f1bc6200e863123e54d0f94e80
b1b447bd47af5d47b844208fdbaea95aea24d544
3f992f3ddccc17905fa5e67ff7c46d6f7b9fc67aa8025d9b77bfa83838ae8abb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1 HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:26 GMT
Content-Type: text/css
Content-Length: 56436
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 01:16:35 GMT
ETag: "86959-5ea5371c7e498-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 557096008 537811226
Age: 248
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

use.typekit.net/gzr2bkz.css

23.36.76.186

200 OK

634 B

URL HTTP/2
use.typekit.net/gzr2bkz.css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
634 B (634 bytes)
Hash
3d4c02bbb663e18326b2929ae2b4a371
3634a04a00cec83186af10c52a4d9ffa13a20669
241265d28a109e616487485f4016d3e484a6f2aad2b409e7150b89b3d0ffbe4a

HTTP Headers

GET /gzr2bkz.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 634
date: Mon, 24 Oct 2022 21:14:26 GMT
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=gzr2bkz&ht=tk&f=591.592&a=107517295&app=typekit&e=css

23.36.76.186

200 OK

5 B

URL HTTP/2
p.typekit.net/p.css?s=1&k=gzr2bkz&ht=tk&f=591.592&a=107517295&app=typekit&e=css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=gzr2bkz&ht=tk&f=591.592&a=107517295&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Mon, 24 Oct 2022 21:14:26 GMT
X-Firefox-Spdy: h2

carretoelectricca.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js

216.152.143.240

200 OK

27 kB

URL HTTP/1.1
carretoelectricca.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (31992)
Size
27 kB (27146 bytes)
Hash
43e4680f6eac3296c5890df07ef0e681
364f900918d939eeb9248371dc47bf36a947c008
70bd2fb470b84cb10b17c9064b41847322d8e1cf92265efd7579bc955cf1e12e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:26 GMT
Content-Type: application/javascript
Content-Length: 27146
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 21:11:54 GMT
ETag: "1b79d-5ea6424919d09-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 121028552 120257585
Age: 248
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

carretoelectricca.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js

216.152.143.240

200 OK

465 B

URL HTTP/1.1
carretoelectricca.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (1164), with no line terminators
Size
465 B (465 bytes)
Hash
ae9e1ea6af46bf62a7469101eb4a8f55
e94958da3bfd259c99019190f6c4e449e0c16aee
bbf28048044a88f7b3f682c682dea0b058d7ff7e98daf046f6f161517e97fafa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:26 GMT
Content-Type: application/javascript
Content-Length: 465
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:35 GMT
ETag: "48c-5d727b3527792-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 121152293
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

carretoelectricca.com/cms_websites/cms_custom_css.php?ver=248_11

216.152.143.240

200 OK

3.3 kB

URL HTTP/1.1
carretoelectricca.com/cms_websites/cms_custom_css.php?ver=248_11
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text
Size
3.3 kB (3307 bytes)
Hash
a461b4c5fc249c70984f9071a0d222a2
5406c61b4e3caac1e95c88ff6605ce2c1bcf2ca7
0d6911ed936d435863fba309c38d629b2ed78a9cb4695405c3f8143403b5131d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/cms_custom_css.php?ver=248_11 HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:26 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 3307
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 91174322 94707585
Age: 175
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

carretoelectricca.com/cms_websites/cms_theme_custom_css.php?ver=248_11

216.152.143.240

200 OK

8.7 kB

URL HTTP/1.1
carretoelectricca.com/cms_websites/cms_theme_custom_css.php?ver=248_11
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (483)
Size
8.7 kB (8670 bytes)
Hash
31a331dccf4a7351cdc559101790e029
cdb3e75e257cb810a887887ccec4e17a3fb65e4a
403d4c3123119af46dbbfbfadcaf8cd6e4ce8d5c82e63ea7c83a62a1d878efe8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/cms_theme_custom_css.php?ver=248_11 HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:26 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 8670
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 121152299 121116028
Age: 248
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

push.services.mozilla.com/

35.162.110.205

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.110.205:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lvgYea/ySE6CaqLAtDFDjg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x2HCmYQW669N8RtQ0DFpYL77Uog=

carretoelectricca.com/wp-includes/js/underscore.min.js?ver=1.8.3

216.152.143.240

200 OK

5.8 kB

URL HTTP/1.1
carretoelectricca.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (16194)
Size
5.8 kB (5822 bytes)
Hash
0de80519eb796dc06fa34efcf454c797
1274f536f1c2c51ad2b0c0f121da21cc43854ea5
059bc818c4f66d482fcd7a623fde7a0c66d9767f49a0fca0eed2fb4a6ccfdbf6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:26 GMT
Content-Type: application/javascript
Content-Length: 5822
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 18:16:47 GMT
ETag: "401a-59378c5d12306-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 310358324 310314024
Age: 248
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

carretoelectricca.com/cms_websites/tools/GAEventTracking/js/scripts.min.js

216.152.143.240

200 OK

517 B

URL HTTP/1.1
carretoelectricca.com/cms_websites/tools/GAEventTracking/js/scripts.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (1015), with no line terminators
Size
517 B (517 bytes)
Hash
09a9e3bc0d18d851d1276481ed543c9e
87f953897b9f07e27e0b080a4320a9b78fc80167
9293803448e5928f3b09835cf60749954d6f5e303f176e63b988dc0079a744bb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/tools/GAEventTracking/js/scripts.min.js HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:26 GMT
Content-Type: application/javascript
Content-Length: 517
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:34 GMT
ETag: "3f7-5d727b339bba1-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 91508879
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

carretoelectricca.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js

216.152.143.240

200 OK

433 kB

URL HTTP/1.1
carretoelectricca.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (65350)
Size
433 kB (432702 bytes)
Hash
aa24aa3a0a9984210198ac91297db647
2108d2f01c37149228877a9672d866c08f5daee6
ce55bf8849d63b8767c7fd032fb9277ffec0bb103ca26ad3b66b330208f3855f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:26 GMT
Content-Type: application/javascript
Content-Length: 432702
Connection: keep-alive
Last-Modified: Fri, 12 Jun 2020 00:07:24 GMT
ETag: "11e248-5a7d7dca2357f-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 310315885 310198022
Age: 248
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

carretoelectricca.com/cms_websites/js/external/scripts.js

216.152.143.240

200 OK

121 kB

URL HTTP/1.1
carretoelectricca.com/cms_websites/js/external/scripts.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (32077)
Size
121 kB (120679 bytes)
Hash
2b2400ce27b4d1d8ceca82bed3e8bad2
2ebaca6538cccffd5a042f53e46a18b2133acb9a
bd364f13dac56e31208849b685194592c91631fa41a8c396c5346417fccc47e7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/js/external/scripts.js HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:48 GMT
ETag: "634a9-5c189ea3bb597-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 91174330
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

carretoelectricca.com/files/2022/09/dllogo.png

216.152.143.240

200 OK

47 kB

URL HTTP/1.1
carretoelectricca.com/files/2022/09/dllogo.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 1062 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
47 kB (47039 bytes)
Hash
65b9bd28b4f498e427e1fb2aa9bf8ed3
a34809eec779a43c72f09384c531366704372cb0
49e7bd8db6320ba36a3707324b0d9996c728443f0828d9672d9642a4dad48908

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/09/dllogo.png HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:27 GMT
Content-Type: image/png
Content-Length: 47039
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 13:53:42 GMT
ETag: "f941f6d5aa5df12ef5795b80bca5f8fb"
Expires: Thu, 25 Dec 2025 07:01:07 GMT
Vary: Accept-Encoding
X-Varnish: 310358368
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

use.typekit.net/af/f2132c/000000000000000000017393/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3

23.36.76.186

200 OK

11 kB

URL HTTP/2
use.typekit.net/af/f2132c/000000000000000000017393/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 11312, version 1.0\012- data
Size
11 kB (11312 bytes)
Hash
ad8b6f87be3cb4880778d87c9e089a06
98971935db540a49fb71ba01306d8179978c3511
acbf2b17df3c80adeff2188d2ef4bb314982100315c035562cc5e16b02f418e3

HTTP Headers

GET /af/f2132c/000000000000000000017393/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carretoelectricca.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 11312
etag: "dfd931463e92f28e3b7da185d0dc6640d1c8832b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 24 Oct 2022 21:14:27 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:14:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:14:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2

216.58.207.195

200 OK

27 kB

URL HTTP/2
fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 26592, version 1.0\012- data
Size
27 kB (26592 bytes)
Hash
c2d66029cf6ae68a19e1398fc02feda6
c37e5907e49d2ed5b11f59841a3d16c911da7a5c
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716

HTTP Headers

GET /s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carretoelectricca.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26592
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 02:33:33 GMT
expires: Tue, 24 Oct 2023 02:33:33 GMT
cache-control: public, max-age=31536000
age: 67254
last-modified: Mon, 11 Jul 2022 20:56:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

carretoelectricca.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif

216.152.143.240

200 OK

1.1 kB

URL HTTP/1.1
carretoelectricca.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
1.1 kB (1097 bytes)
Hash
2a07edce0f76003d12f3693e7f62edc2
661766632e5fa48d967f8ed7ae8c0df2a4dead06
039a26881ec489fa598d5cc7b46025fc32b0f2c963f8fd904bf48799af646eb7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/cms_websites/cms_theme_custom_css.php?ver=248_11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:27 GMT
Content-Type: image/gif
Content-Length: 1097
Connection: keep-alive
Last-Modified: Fri, 11 Oct 2013 16:05:10 GMT
ETag: "449-4e87948635980"
Vary: Accept-Encoding
X-Varnish: 91508907
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:14:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

carretoelectricca.com/files/2022/09/CarretoLogo_1.png

216.152.143.240

200 OK

49 kB

URL HTTP/1.1
carretoelectricca.com/files/2022/09/CarretoLogo_1.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 1062 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
49 kB (48873 bytes)
Hash
c15fa1ff7808a3a0fa89697c578006be
087bc1b1587f2ea07d9bdecbd298a73a3d380dec
a18364214a062c8afe4954aa49a7d99ff72c2763e99b1a82ee98021a4cfe1b21

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/09/CarretoLogo_1.png HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:27 GMT
Content-Type: image/png
Content-Length: 48873
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 13:47:40 GMT
ETag: "eede090f574315e658506e6fd634707d"
Expires: Thu, 25 Dec 2025 07:01:07 GMT
Vary: Accept-Encoding
X-Varnish: 121028579
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

carretoelectricca.com/cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048

216.152.143.240

200 OK

16 kB

URL HTTP/1.1
carretoelectricca.com/cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, tsi-cms \012- data
Size
16 kB (16112 bytes)
Hash
d7e0105a1d89d3a302e09d50c6d808c9
34eb40751fb3f70ffbae2f4270eb73b54349d982
cab4658b86b05ecfabd81a7f07837ff0d3a38cad66972bc583b7c3b1e1eb00ad

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048 HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:27 GMT
Content-Type: application/font-sfnt
Content-Length: 16112
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:44 GMT
ETag: "3ef0-5e8acea2723a0"
Vary: Accept-Encoding
X-Varnish: 309866811 310226055
Age: 248
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

carretoelectricca.com/cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif

216.152.143.240

302 Found

0 B

URL HTTP/1.1
carretoelectricca.com/cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx
Date: Mon, 24 Oct 2022 21:14:27 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://carretoelectricca.com
Vary: Accept-Encoding
X-Varnish: 121152335 120024698
Age: 220
Via: 1.1 varnish (Varnish/5.2)

carretoelectricca.com/files/2022/09/1664548775420_bigstock_man_works_with_electrical_wire_458178395.jpg?w=1600&a=t

216.152.143.240

200 OK

131 kB

URL HTTP/1.1
carretoelectricca.com/files/2022/09/1664548775420_bigstock_man_works_with_electrical_wire_458178395.jpg?w=1600&a=t
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1500x580, components 3\012- data
Size
131 kB (130812 bytes)
Hash
0f432d22316d3c0e49f1c98ad7019756
9f06c7e0d5e9743903f8fe8c5c69ca86a3dd8f29
b953a53769b980c9bbe833c41c0ce32223eda9c51f471ce481576b4a8f23e4a4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/09/1664548775420_bigstock_man_works_with_electrical_wire_458178395.jpg?w=1600&a=t HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:27 GMT
Content-Type: image/jpeg
Content-Length: 130812
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 21:14:27 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Thu, 03 Nov 2022 21:14:27 GMT
Vary: Accept-Encoding
X-Varnish: 556839567
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

carretoelectricca.com/files/2022/09/bigstock-The-Electrician-Is-Holding-An--448619950.jpg

216.152.143.240

200 OK

166 kB

URL HTTP/1.1
carretoelectricca.com/files/2022/09/bigstock-The-Electrician-Is-Holding-An--448619950.jpg
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=15, height=1866, bps=0, PhotometricIntepretation=RGB, description=The electrician is holding an electric wire and pliers in his hands. An electrician repairs an electrical wire for connecting a, orientation=upper-left, width=2800], baseline, precision 8, 2800x1866, components 3\012- data
Size
166 kB (165954 bytes)
Hash
76ec03db51f2a90b72d5d50883f8e47a
71bedae62a1924a2751ce8140dd22fed395068d7
be988a890620330a89bbfbe5d2ca08dbbf97d3dc5cf2e6877abddd00e14cda1b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/09/bigstock-The-Electrician-Is-Holding-An--448619950.jpg HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:27 GMT
Content-Type: image/jpeg
Content-Length: 165954
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 15:18:58 GMT
ETag: "37bf0887227f7da9ea0bfedbd55bd412"
Expires: Thu, 25 Dec 2025 06:56:59 GMT
Vary: Accept-Encoding
X-Varnish: 121028612 119821646
Age: 248
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

carretoelectricca.com/

216.152.143.240

200 OK

7.4 kB

URL HTTP/1.1
carretoelectricca.com/
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1067), with CRLF, LF line terminators
Size
7.4 kB (7442 bytes)
Hash
2241710766fbb5454ac616bbed611853
94f5279874cc5ec6ec228c55fa2dcedfdb09e842
d1439d915124b7d849f3d181aed7ea6cc3ae0c778262afc75dad41df161d61b3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carretoelectricca.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:27 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7442
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 305986533 310032036
Age: 232
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

carretoelectricca.com/files/2022/09/1664548754675_pexels_saya_kimura_401107.jpg?w=1600&a=t

216.152.143.240

200 OK

117 kB

URL HTTP/1.1
carretoelectricca.com/files/2022/09/1664548754675_pexels_saya_kimura_401107.jpg?w=1600&a=t
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1500x511, components 3\012- data
Size
117 kB (117356 bytes)
Hash
5a3b1cb41d8de3403391327a35eb8097
b9cbcede30a4b7e4dcef8d49c65043499ce29cce
cf993da87b58c503f37c721ac0f688b1eb1efd9fd56a852936dd74626a02586a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/09/1664548754675_pexels_saya_kimura_401107.jpg?w=1600&a=t HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:27 GMT
Content-Type: image/jpeg
Content-Length: 117356
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 21:14:27 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Thu, 03 Nov 2022 21:14:27 GMT
Vary: Accept-Encoding
X-Varnish: 121028609
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20451
Expires: Tue, 25 Oct 2022 02:55:19 GMT
Date: Mon, 24 Oct 2022 21:14:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20451
Expires: Tue, 25 Oct 2022 02:55:19 GMT
Date: Mon, 24 Oct 2022 21:14:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20451
Expires: Tue, 25 Oct 2022 02:55:19 GMT
Date: Mon, 24 Oct 2022 21:14:28 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9894 bytes)
Hash
9983bdfe8dbe8386970aae586bb57575
4c5ff521fec700a1cda73325eebbeb88f97baa39
775d510a8d82ed993085e3d828c33b75eee99db2911b90d6151faf5c2e25b5d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9894
x-amzn-requestid: 8d639b03-49d2-411b-b0ca-39c5dafe21f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelOtF6YIAMF-4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b591-230070a06848d4d90ea4f6ef;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mYzFAcyUErnaOlGBX0ygFYZ4608EanLq5V4xzX7qCHQRGzkKwwWvHw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:36:45 GMT
age: 81463
etag: "4c5ff521fec700a1cda73325eebbeb88f97baa39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e8ac15f-1a51-4bfe-ab4a-570fc480a976.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4434 bytes)
Hash
f12f21779aa94b557db8037ceefd15b2
1698d8d0ff47fc4e6dd20d99ceae84cfcdd69e86
0d33ee5a721c2f940ff1e7d5fae9abba3781f6d37e458a36285718466ecdcd10

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e8ac15f-1a51-4bfe-ab4a-570fc480a976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4434
x-amzn-requestid: 41e95a27-2955-4224-8d2c-f12d1254cda7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0EQboAMFmMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-5cb99b700c84c99c2d9e52d7;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 49FYzrcMWfgHbe4smL20px9dbIcXIGCujJ6djuVRT3bEwCkBvgz7Iw==
via: 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:46:57 GMT
age: 84451
etag: "1698d8d0ff47fc4e6dd20d99ceae84cfcdd69e86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10072 bytes)
Hash
af3d4b4d16ad8b30805be96afa6472e3
bceb257123711c43994e5a03e9caf22eeee16423
30d7fea8d87522ce3ba2abf2c47e0025af1b7c05d6b4ea9f26aaa1f06aff4a67

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10072
x-amzn-requestid: 2f26fcdb-0540-49ea-be46-83c00182fcc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0FKvoAMFVFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-1be524647e3db4a211e4c4ff;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sNu31Qx0p_Ikus0GsGKRNGVxOGnIRSewAXfkXyzOCmT6bJ1D1Qz-0w==
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:10:20 GMT
etag: "bceb257123711c43994e5a03e9caf22eeee16423"
content-type: image/jpeg
age: 83048
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F869ea046-6a24-4b66-a52f-bc9a678d7ebb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8400 bytes)
Hash
3f174281da48e4a62aab93bcdc57d14a
8ee29d073b84530a30bb370838598115f1a65da8
0096edb7703f0bcea7e5c0d5b529482eceea9123f5f3b278f3f9012f87875f1e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F869ea046-6a24-4b66-a52f-bc9a678d7ebb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8400
x-amzn-requestid: b1436934-5b97-4aa8-937a-78bce0b9181c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelN4GACoAMFYmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b58b-29da495d75578b3c20eb37ba;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:39 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: glooBvGL65FGrYbL-DVx3o9aVH28zKh3hlXiw5vTRe_PJMLLnYqM1g==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:54:55 GMT
age: 83973
etag: "8ee29d073b84530a30bb370838598115f1a65da8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3257320-582a-498d-9e0c-531ea65fbbe0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 772-513, spot sensor temperature 0.000000, unit celsius, color scheme 1, calibration: offset 0.000000, slope 241254190455726276608.000000\012- data
Size
14 kB (13962 bytes)
Hash
88436497b6fe5e22155afc45e9e8fe3e
5004575548d76d878a7f27bb3fc4a9a10e8f6909
304c2388dd96c82582d490cd473174b11eac53bf408a29ed78e23d77139ef243

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3257320-582a-498d-9e0c-531ea65fbbe0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13962
x-amzn-requestid: 84f8b505-da9d-421c-b00a-3d6407aac332
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelDQETqoAMFwxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b547-566c7abb12b09a565be85833;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: p0vFhx0iHI6stdq-3zIoeKKB6xihzwhHWgkK0Wne5rbRCjZflcew8A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:09:39 GMT
age: 83089
etag: "5004575548d76d878a7f27bb3fc4a9a10e8f6909"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

carretoelectricca.com/files/2022/09/bigstock-Electricity-And-Electrical-Mai-454161249.jpg

216.152.143.240

200 OK

173 kB

URL HTTP/1.1
carretoelectricca.com/files/2022/09/bigstock-Electricity-And-Electrical-Mai-454161249.jpg
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17, height=1867, bps=0, PhotometricIntepretation=RGB, description=Electricity and electrical maintenance service, Engineer using measuring equipment tool checking electric current voltage at ci, manufacturer=Canon, model=Canon EOS 6D, orientation=upper-left, width=2800], baseline, precision 8, 2800x1867, components 3\012- data
Size
173 kB (172702 bytes)
Hash
2f3520ae5dbb2289d440cac805dbada7
019ac4360f40eb822e1d7933b4d2960b96a03e61
4c3b7ace0a6f1f85f1c82c87b413cd859e9f7280fe125a680e57a5207aecaa7f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/09/bigstock-Electricity-And-Electrical-Mai-454161249.jpg HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:27 GMT
Content-Type: image/jpeg
Content-Length: 172702
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 14:36:18 GMT
ETag: "e1c4857d6a2a1b4c8c85bc9d52296be6"
Expires: Thu, 25 Dec 2025 07:01:07 GMT
Vary: Accept-Encoding
X-Varnish: 91174393
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe87578f5-db38-4350-a6ac-22b0577d75a1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7435 bytes)
Hash
548cc254725b085a0794f02585db37f6
69ebcb96188f5e3f6355aabecbe925e26ff00668
09906078ef781e283e939b86e3ee34665ed5df4524a9af4be26f7106a8cab836

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe87578f5-db38-4350-a6ac-22b0577d75a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7435
x-amzn-requestid: fd538694-534d-4938-bebc-1131c0bb7c62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB1HWdIAMFuSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-2f9210cb5a6a28a71b130497;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GFV2nCltq7Zg9MXGD96a5ajF-Kih-yNwv2rQC8Omlyla0UQ01TYkmw==
via: 1.1 58f9a50682bb94842197f3e957919c60.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:12:47 GMT
age: 82901
etag: "69ebcb96188f5e3f6355aabecbe925e26ff00668"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

carretoelectricca.com/files/2022/09/1664549787943_pexels_pixabay_207489_1.jpg?w=1600&a=t

216.152.143.240

200 OK

183 kB

URL HTTP/1.1
carretoelectricca.com/files/2022/09/1664549787943_pexels_pixabay_207489_1.jpg?w=1600&a=t
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1500x675, components 3\012- data
Size
183 kB (182797 bytes)
Hash
0f5935d2163df7a0190cde4bee82b05a
b18b3cedd78cfb96b03d77539c08017c00b2e2f8
3db357459a3bfa596a812d60976c1c6c62bcc1681a4990e99e6fbcb58b0cb218

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/09/1664549787943_pexels_pixabay_207489_1.jpg?w=1600&a=t HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:27 GMT
Content-Type: image/jpeg
Content-Length: 182797
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 21:14:27 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Thu, 03 Nov 2022 21:14:27 GMT
Vary: Accept-Encoding
X-Varnish: 121028617
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1666646

143.204.42.162

200 OK

60 kB

URL HTTP/2
d2ra6nuwn69ktl.cloudfront.net/assets/livesite.js?1666646
IP
143.204.42.162:0
ASN
#16509 AMAZON-02

File type
data
Size
60 kB (60181 bytes)
Hash
a40a28c0b645c0819f0235f9f2a0d0bc
c3581bd0ff801158a412700493f8789a488ee0b5
ea819e3f2d0d541b4b13feddad90c87052b2384c7aee8dadf4e922a39e037331

HTTP Headers

GET /assets/livesite.js?1666646 HTTP/1.1
Host: d2ra6nuwn69ktl.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Oct 2022 16:17:59 GMT
x-amz-version-id: WfCc63iSSYxtoOgieax0Eee4nbrF4VXn
server: AmazonS3
content-encoding: gzip
date: Sun, 23 Oct 2022 21:44:56 GMT
etag: W/"f2d115cea54c6a011c4c9d3abd56e8ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sFc1U7k-WKhf3qmcTWyOmSSGPImNFDI0Ulrznz0XvFLIk1bCHWtpfg==
age: 85442
X-Firefox-Spdy: h2

ssl.google-analytics.com/ga.js

142.250.74.40

200 OK

17 kB

URL HTTP/2
ssl.google-analytics.com/ga.js
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Mon, 24 Oct 2022 20:32:37 GMT
expires: Mon, 24 Oct 2022 22:32:37 GMT
cache-control: public, max-age=7200
age: 2511
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1ea30e37b7f86b7d0a7cb7341087fdc1
2e88a09e17356724c7e0f488d70be82ebc64f55c
bb85d7fbaf1d4c0dc0a7cd27aebc8f21f942bf703896186a765131c80c87f059

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:14:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

carretoelectricca.com/cms_websites/img/tsm-favicon.ico

216.152.143.240

200 OK

32 kB

URL HTTP/1.1
carretoelectricca.com/cms_websites/img/tsm-favicon.ico
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
32 kB (32038 bytes)
Hash
c7f1c4f34424d5247f9a2a24f3e2372c
247102bcd8a2a36f1dfa16a652002ade82ffa1b0
ed829bc8a78f82c88e5d0bcfb368a9f714b6c758b0354b057f9e083dfa4ddd6b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cms_websites/img/tsm-favicon.ico HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:28 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 32038
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 19:18:29 GMT
ETag: "7d26-59379a27986df"
Vary: Accept-Encoding
X-Varnish: 94749667
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
332a0e399170b8367053e140fc51a4c9
531d92ba693141bcb28831e54ae7bd3e43b7988a
a65ed3f41bb2296915fdb3dd2beb317803ec0bc17d6b309e5252620ac8a4a121

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=152209
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 21:14:28 GMT
Etag: "6356afc5-116"
Expires: Wed, 26 Oct 2022 15:31:17 GMT
Last-Modified: Mon, 24 Oct 2022 15:31:17 GMT
Server: nginx
Content-Length: 278

d2ra6nuwn69ktl.cloudfront.net/assets/livesite.css?1666646

143.204.42.162

200 OK

8.6 kB

URL HTTP/2
d2ra6nuwn69ktl.cloudfront.net/assets/livesite.css?1666646
IP
143.204.42.162:0
ASN
#16509 AMAZON-02

File type
data
Size
8.6 kB (8635 bytes)
Hash
f29caa698f49f500b6beb50644c1544b
5eb9ca39cd2c7c353dda93c6e3cb34d20ee8aadb
b1db6d5a5a00ef896c77e1d62376cb6337b7837473b42a5b80208b021592a427

HTTP Headers

GET /assets/livesite.css?1666646 HTTP/1.1
Host: d2ra6nuwn69ktl.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Oct 2022 16:17:58 GMT
x-amz-version-id: bnK8F2fcew6BppKLfyeRkj.4jX7KxeY2
server: AmazonS3
content-encoding: gzip
date: Sun, 23 Oct 2022 22:43:20 GMT
etag: W/"b431455f98e64a9a5dc2de77b831d129"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2R08IPxEv8KdotBJk7MzbmSAtiW-WOBUIct035hQ6p71UIkzS4Ontw==
age: 81069
X-Firefox-Spdy: h2

carretoelectricca.com/files/shutterstock/2022/09/1664549771789_shutterstock_103030790_1664549709_e15ee06db6d9a9391e56daa6a6e7e4c949.jpg?w=1600&a=t

216.152.143.240

200 OK

533 kB

URL HTTP/1.1
carretoelectricca.com/files/shutterstock/2022/09/1664549771789_shutterstock_103030790_1664549709_e15ee06db6d9a9391e56daa6a6e7e4c949.jpg?w=1600&a=t
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1500x973, components 3\012- data
Size
533 kB (533138 bytes)
Hash
01921d7cd66d8a22cf55d4f020f27095
f9f4ddf5df02360e48499d1d9a3d6d78d2ef9928
6d6978b6356e6fcc62015e8ccf52c1b8e572aaabf29bc9952a70cea989cc5489

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/shutterstock/2022/09/1664549771789_shutterstock_103030790_1664549709_e15ee06db6d9a9391e56daa6a6e7e4c949.jpg?w=1600&a=t HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:27 GMT
Content-Type: image/jpeg
Content-Length: 533138
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 21:14:27 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Thu, 03 Nov 2022 21:14:27 GMT
Vary: Accept-Encoding
X-Varnish: 91174382
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carretoelectricca.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 18:53:39 GMT
expires: Tue, 24 Oct 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 8450
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

use.typekit.net/af/cd003d/000000000000000000017394/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3

23.36.76.186

200 OK

12 kB

URL HTTP/2
use.typekit.net/af/cd003d/000000000000000000017394/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 11824, version 1.0\012- data
Size
12 kB (11824 bytes)
Hash
ea8b0bd9b667b495a89fe7454c8760d1
e01ede1513581df93410a84896f04a1107606c45
00a6b19c760e40c2d39cf89eecd6aa33ee527dbc35ebcf13cd02cbc422fe02bc

HTTP Headers

GET /af/cd003d/000000000000000000017394/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carretoelectricca.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 11824
etag: "2b738b8f9381ae6f352363d8d4bdbd6f24c78654"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 24 Oct 2022 21:14:29 GMT
X-Firefox-Spdy: h2

www.vcita.com/cdn-cgi/rum?

104.18.3.196

204 No Content

0 B

URL HTTP/2
www.vcita.com/cdn-cgi/rum?
IP
104.18.3.196:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.vcita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1429
Origin: https://www.vcita.com
Connection: keep-alive
Referer: https://www.vcita.com/api/client_zones/f2zoz3c7sx2i8m0m/account/active_engage_gate
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTFlZWZiN2Q4ZWM5Y2M3MzZhMjUyZGM1YTg4NWQ3ZmExBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiNodHRwczovL2NhcnJldG9lbGVjdHJpY2NhLmNvbS8GOwBG--b11d956c2d82f43f3a3a451ac7dd4cf680dda8c1; _cfuvid=N.71KMChauSe57CMrDgnWCKcChjjRX4HxUVwM9XOD4Y-1666646069099-0-604800000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
date: Mon, 24 Oct 2022 21:14:29 GMT
access-control-allow-origin: https://www.vcita.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 75f5b8f0cf3f1c16-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/livesite-icons/icomoon.woff?-rdmvgd

143.204.42.162

200 OK

66 kB

URL HTTP/2
d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/livesite-icons/icomoon.woff?-rdmvgd
IP
143.204.42.162:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 65516, version 1.0\012- data
Size
66 kB (65516 bytes)
Hash
db122b8081b800020ab23b71c1214b92
eda21764b8506036b5f911e596532784dc25dbae
fafcb0376b5e95ad63601b2cfc30db87a9ed0f6be6efcc611327f885c8130aa2

HTTP Headers

GET /assets/css/icomoon/fonts/livesite-icons/icomoon.woff?-rdmvgd HTTP/1.1
Host: d2ra6nuwn69ktl.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carretoelectricca.com
Connection: keep-alive
Referer: https://d2ra6nuwn69ktl.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 65516
date: Mon, 24 Oct 2022 21:14:31 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Mon, 24 Oct 2022 13:33:15 GMT
etag: "db122b8081b800020ab23b71c1214b92"
x-amz-version-id: GO65GYamkD0O5v_8b1PMJmuAWdEMaWwo
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TMX0Ejfut6gLuJJBdVV-D5D2NHVEmRgpo9HkSeReYDf5Ej7-qSNZRg==
X-Firefox-Spdy: h2

d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/icomoon.woff?84yycz

143.204.42.162

200 OK

18 kB

URL HTTP/2
d2ra6nuwn69ktl.cloudfront.net/assets/css/icomoon/fonts/icomoon.woff?84yycz
IP
143.204.42.162:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 18204, version 0.0\012- data
Size
18 kB (18204 bytes)
Hash
5906d6e34193a2fd84132c877ce62b6a
b0a315bacee76f22cff2ce31754afe2430f71441
dfd2ecd12c5576aa486d2e5edc94db9e3c44259b70a139bf79b807bb6638901b

HTTP Headers

GET /assets/css/icomoon/fonts/icomoon.woff?84yycz HTTP/1.1
Host: d2ra6nuwn69ktl.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carretoelectricca.com
Connection: keep-alive
Referer: https://d2ra6nuwn69ktl.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 18204
date: Mon, 24 Oct 2022 21:14:31 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Mon, 24 Oct 2022 13:33:15 GMT
etag: "5906d6e34193a2fd84132c877ce62b6a"
x-amz-version-id: f10KSB7yhWaLJbO63pD1ISQiRh2mZ9E1
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eRORlGeEA8V9rbbGkzxdHJtM5H3PtBys-77u-a9dRJ1DR7LiEVgD0Q==
X-Firefox-Spdy: h2

www.vcita.com/cdn-cgi/rum?

104.18.3.196

200 OK

0 B

URL HTTP/2
www.vcita.com/cdn-cgi/rum?
IP
104.18.3.196:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.vcita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 478
Origin: https://www.vcita.com
Connection: keep-alive
Referer: https://www.vcita.com/api/client_zones/f2zoz3c7sx2i8m0m/account/active_engage_gate
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTFlZWZiN2Q4ZWM5Y2M3MzZhMjUyZGM1YTg4NWQ3ZmExBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiNodHRwczovL2NhcnJldG9lbGVjdHJpY2NhLmNvbS8GOwBG--b11d956c2d82f43f3a3a451ac7dd4cf680dda8c1; _cfuvid=N.71KMChauSe57CMrDgnWCKcChjjRX4HxUVwM9XOD4Y-1666646069099-0-604800000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 21:14:34 GMT
server: cloudflare
cf-ray: 75f5b90e6c651c16-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.vcita.com/tr_pics/i?p=1984279&o=bG9hZGVy

104.18.3.196

200 OK

0 B

URL HTTP/2
www.vcita.com/tr_pics/i?p=1984279&o=bG9hZGVy
IP
104.18.3.196:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tr_pics/i?p=1984279&o=bG9hZGVy HTTP/1.1
Host: www.vcita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTFlZWZiN2Q4ZWM5Y2M3MzZhMjUyZGM1YTg4NWQ3ZmExBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiNodHRwczovL2NhcnJldG9lbGVjdHJpY2NhLmNvbS8GOwBG--b11d956c2d82f43f3a3a451ac7dd4cf680dda8c1; _cfuvid=N.71KMChauSe57CMrDgnWCKcChjjRX4HxUVwM9XOD4Y-1666646069099-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 21:14:30 GMT
content-type: image/gif
status: 200 OK
cache-control: must-revalidate, no-cache, no-store, private, max-age=0
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-disposition: inline
content-transfer-encoding: binary
x-ua-compatible: IE=Edge,chrome=1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
set-cookie: app_attribution_params=%5B%7B%22source_referrer%22%3A%22https%3A%2F%2Fcarretoelectricca.com%2F%22%2C%22time_stamp%22%3A%222022-10-24T21%3A14%3A30%2B00%3A00%22%7D%5D; domain=www.vcita.com; path=/; expires=Sun, 24-Oct-2032 21:14:30 GMT
____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTFlZWZiN2Q4ZWM5Y2M3MzZhMjUyZGM1YTg4NWQ3ZmExBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiNodHRwczovL2NhcnJldG9lbGVjdHJpY2NhLmNvbS8GOwBG--b11d956c2d82f43f3a3a451ac7dd4cf680dda8c1; domain=.vcita.com; path=/; SameSite=None; expires=Fri, 23-Dec-2022 21:14:30 GMT; secure; HttpOnly
x-request-id: 4c9b8e87a68734d7033338763ea5a188
x-runtime: 0.021880
x-rack-cache: miss
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75f5b8ef7ddc1c16-OSL
X-Firefox-Spdy: h2

carretoelectricca.com/files/2022/09/bigstock-The-Electrician-Is-Holding-An--448619950.jpg?w=1600&a=t

216.152.143.240

200 OK

0 B

URL HTTP/1.1
carretoelectricca.com/files/2022/09/bigstock-The-Electrician-Is-Holding-An--448619950.jpg?w=1600&a=t
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/09/bigstock-The-Electrician-Is-Holding-An--448619950.jpg?w=1600&a=t HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:27 GMT
Content-Type: image/jpeg
Content-Length: 325629
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 21:14:12 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Thu, 03 Nov 2022 21:14:12 GMT
Vary: Accept-Encoding
X-Varnish: 121152313 121372782
Age: 14
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Source+Sans+Pro%3A400%2C700&ver=248_11 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 24 Oct 2022 21:14:26 GMT
date: Mon, 24 Oct 2022 21:14:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

carretoelectricca.com/files/2022/09/bigstock-Electricity-And-Electrical-Mai-454161249.jpg?w=1600&a=t

216.152.143.240

200 OK

0 B

URL HTTP/1.1
carretoelectricca.com/files/2022/09/bigstock-Electricity-And-Electrical-Mai-454161249.jpg?w=1600&a=t
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /files/2022/09/bigstock-Electricity-And-Electrical-Mai-454161249.jpg?w=1600&a=t HTTP/1.1
Host: carretoelectricca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Oct 2022 21:14:27 GMT
Content-Type: image/jpeg
Content-Length: 290651
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 21:11:08 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Thu, 03 Nov 2022 21:11:08 GMT
Vary: Accept-Encoding
X-Varnish: 305790892 310447483
Age: 198
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

www.vcita.com/widgets/active_engage/configuration?id=f2zoz3c7sx2i8m0m&callback=jQuery111101774415974105713_1666646067149&_=1666646067150

104.18.3.196

200 OK

0 B

URL HTTP/2
www.vcita.com/widgets/active_engage/configuration?id=f2zoz3c7sx2i8m0m&callback=jQuery111101774415974105713_1666646067149&_=1666646067150
IP
104.18.3.196:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widgets/active_engage/configuration?id=f2zoz3c7sx2i8m0m&callback=jQuery111101774415974105713_1666646067149&_=1666646067150 HTTP/1.1
Host: www.vcita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 24 Oct 2022 21:14:29 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
status: 200 OK
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
x-ua-compatible: IE=Edge,chrome=1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
x-request-id: 4f6c186276aee43153cdf09cf175586c
x-runtime: 0.009733
x-rack-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: source_referrer=https%3A%2F%2Fcarretoelectricca.com%2F; path=/
app_attribution_params=%5B%7B%22source_referrer%22%3A%22https%3A%2F%2Fcarretoelectricca.com%2F%22%2C%22time_stamp%22%3A%222022-10-24T21%3A14%3A29%2B00%3A00%22%7D%5D; domain=www.vcita.com; path=/; expires=Sun, 24-Oct-2032 21:14:29 GMT
____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTFlZWZiN2Q4ZWM5Y2M3MzZhMjUyZGM1YTg4NWQ3ZmExBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiNodHRwczovL2NhcnJldG9lbGVjdHJpY2NhLmNvbS8GOwBG--b11d956c2d82f43f3a3a451ac7dd4cf680dda8c1; domain=.vcita.com; path=/; SameSite=None; expires=Fri, 23-Dec-2022 21:14:29 GMT; secure; HttpOnly
_cfuvid=N.71KMChauSe57CMrDgnWCKcChjjRX4HxUVwM9XOD4Y-1666646069099-0-604800000; path=/; domain=.www.vcita.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75f5b8e8beb41c16-OSL
X-Firefox-Spdy: h2

www.vcita.com/api/client_zones/f2zoz3c7sx2i8m0m/account/active_engage_gate

104.18.3.196

200 OK

0 B

URL HTTP/2
www.vcita.com/api/client_zones/f2zoz3c7sx2i8m0m/account/active_engage_gate
IP
104.18.3.196:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/client_zones/f2zoz3c7sx2i8m0m/account/active_engage_gate HTTP/1.1
Host: www.vcita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://carretoelectricca.com/
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTFlZWZiN2Q4ZWM5Y2M3MzZhMjUyZGM1YTg4NWQ3ZmExBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiNodHRwczovL2NhcnJldG9lbGVjdHJpY2NhLmNvbS8GOwBG--b11d956c2d82f43f3a3a451ac7dd4cf680dda8c1; _cfuvid=N.71KMChauSe57CMrDgnWCKcChjjRX4HxUVwM9XOD4Y-1666646069099-0-604800000
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 24 Oct 2022 21:14:29 GMT
content-type: text/html; charset=utf-8
status: 200 OK
x-ua-compatible: IE=Edge,chrome=1
cache-control: must-revalidate, private, max-age=0
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
set-cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTFlZWZiN2Q4ZWM5Y2M3MzZhMjUyZGM1YTg4NWQ3ZmExBjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIiNodHRwczovL2NhcnJldG9lbGVjdHJpY2NhLmNvbS8GOwBG--b11d956c2d82f43f3a3a451ac7dd4cf680dda8c1; domain=.vcita.com; path=/; SameSite=None; expires=Fri, 23-Dec-2022 21:14:29 GMT; secure; HttpOnly
x-request-id: 88841da93cac47834c80aa8c7edcc824
x-runtime: 0.013010
x-rack-cache: miss
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75f5b8ef5dc41c16-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

104.16.56.101

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP
104.16.56.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vcita.com
Connection: keep-alive
Referer: https://www.vcita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 24 Oct 2022 21:14:29 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 75f5b8f07ec31c16-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations