firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 13:13:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zsZqoxBI-ZVTuxTxehlilnbfZhydNWwJd095MUFN3_T-5uibfgJPJQ==
Age: 3292
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7128
Expires: Wed, 21 Sep 2022 16:07:15 GMT
Date: Wed, 21 Sep 2022 14:08:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: J46vb6W3uKzyql3_4mzrOpuDgr2NoC34WNnEz_3QX55AfMoD9scCzA==
age: 34394
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 14:08:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash e1a5f4466e9cd1c5e0b93b1b26a07966
af5a8af6b29287dd12604ed02917f0af90226124
9e41876ca054149584bff65d15f135d953cbf043500e131d1c2f66f2534f51d5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 14:08:27 GMT
Last-Modified: Wed, 21 Sep 2022 14:08:24 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: g7xpM1tkJU_L6HDT3Hp-Uo598n4uMmPKczgKK2Nw7LT8XvMRE7n9dw==
Age: 3
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 14:03:22 GMT
Expires: Wed, 21 Sep 2022 14:42:15 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RWwPMqP4Np1dzKpXSFsYzfOhKAgOJQiznjgZQhfeu-EWWYCTgoeoJA==
Age: 305
105344.io.directiq12.com/hit?sid=55dvp3u3ev55mb9dnp&linkid=1&link=d0217573b75f4ef18b093bad29d123bb
34.232.96.61 302 Found 0 B URL HTTP/2 105344.io.directiq12.com/hit?sid=55dvp3u3ev55mb9dnp&linkid=1&link=d0217573b75f4ef18b093bad29d123bb
IP 34.232.96.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hit?sid=55dvp3u3ev55mb9dnp&linkid=1&link=d0217573b75f4ef18b093bad29d123bb HTTP/1.1
Host: 105344.io.directiq12.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 21 Sep 2022 14:08:27 GMT
content-length: 0
location: http://www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
apigw-requestid: Y0EiXhb4oAMEM0A=
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3036
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:27 GMT
Last-Modified: Wed, 21 Sep 2022 13:17:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
216.152.143.240 301 Moved Permanently 178 B URL HTTP/1.1 www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
IP 216.152.143.240:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) HTTP/1.1
Host: www.sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 21 Sep 2022 14:08:28 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
push.services.mozilla.com/
54.148.228.45 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.228.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wpc9XFjJijQ54TsPk/OptA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MS2+yXBXBT7tiocmwO5b7fN5vX4=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d46f8de768a875577f99041641daec7
8b640ff702b62cc8bf5617a40766301091603417
15e69d785afb803e571e54fde6e3239034bf90ee12bc7d93719e9c9dabb45cf5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15E69D785AFB803E571E54FDE6E3239034BF90EE12BC7D93719E9C9DABB45CF5"
Last-Modified: Tue, 20 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21553
Expires: Wed, 21 Sep 2022 20:07:41 GMT
Date: Wed, 21 Sep 2022 14:08:28 GMT
Connection: keep-alive
www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
216.152.143.240 301 Moved Permanently 0 B URL HTTP/1.1 www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
IP 216.152.143.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) HTTP/1.1
Host: www.sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 21 Sep 2022 14:08:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Vary: Accept-Encoding
X-Varnish: 71803628 71923219
Age: 354
Via: 1.1 varnish (Varnish/5.2)
sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
216.152.143.240 200 OK 7.9 kB URL HTTP/1.1 sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
IP 216.152.143.240:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1108), with CRLF, LF line terminators
Hash 41d09bc094c192759101ce3aca7f5bde
0623b29fffafca6afc888830f6b9c995b1cce98f
f66824128b6e6542b2b2aaeeb99648133fbdca89b0dd2718cb729a3dfaa22e52
GET /?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7917
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 73290466 73378558
Age: 361
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11
142.250.74.106 200 OK 7.3 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11
IP 142.250.74.106:0
File type ASCII text, with very long lines (28290)
Hash 29cec33e497be5e450f9703d98efca3b
4bcb24406115ca93d35ba145b78234b6f5e5d135
287e9a460040e8d091b9eb5381be54956185f293a41cadf7586ad05eaf23a012
GET /ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 06:39:09 GMT
expires: Sun, 17 Sep 2023 06:39:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 372560
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.adnxs.com/px?id=1510158&t=1
37.252.172.250 307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/px?id=1510158&t=1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?id=1510158&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
AN-X-Request-Uuid: 73b00595-e949-436c-b7a2-a0d52d80c26f
Set-Cookie: uuid2=3522724671875195389; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 14:08:29 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/seg?add=27369987&t=1
37.252.172.250 307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=27369987&t=1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=27369987&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
AN-X-Request-Uuid: 93671796-d429-4861-9ef4-5d28aae0be61
Set-Cookie: uuid2=9135345457259534417; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 14:08:29 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
216.152.143.240 200 OK 56 kB URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
IP 216.152.143.240:0
File type ASCII text, with very long lines (728)
Hash 96e5755dcdc8411f20309eba06090553
673daa8b541f7a365cdf0cd81b6dfbca82e4801b
660487676b070f91f351c10f6f9d76a3273f3d30cab85aa700ad1516cf094b3b
Analyzer Verdict Alert fortinet Phishing
GET /cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: text/css
Content-Length: 56238
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:43 GMT
ETag: "865b5-5e8acea238e87-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 61209291 68049896
Age: 13876
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
37.252.172.250 200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D27369987%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 5916019b-3f1d-409e-9ccb-c06de4b7c07e
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVRtt5`1!]tbP6j2F-XstGt!@Dr<$ut[T; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 14:08:29 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
37.252.172.250 200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fpx%3Fid%3D1510158%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 78920dac-e358-4ca2-a0ba-d879773fb50c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js
216.152.143.240 200 OK 24 kB URL HTTP/1.1 sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (31984)
Hash df8cb58860540fe37f48ebdd01d4f7e2
7abdbe3fd4184ea1230dd6f35391778a0a79be88
a5e0db722a02983ddd7c0687cad6b966d7f5f842b80a4c510b390cc6441ee231
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript
Content-Length: 24449
Connection: keep-alive
Last-Modified: Thu, 14 Apr 2022 01:14:53 GMT
ETag: "17d03-5dc930577b34a-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 73039267 72484566
Age: 7414
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5269
Expires: Wed, 21 Sep 2022 15:36:18 GMT
Date: Wed, 21 Sep 2022 14:08:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5269
Expires: Wed, 21 Sep 2022 15:36:18 GMT
Date: Wed, 21 Sep 2022 14:08:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5269
Expires: Wed, 21 Sep 2022 15:36:18 GMT
Date: Wed, 21 Sep 2022 14:08:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5269
Expires: Wed, 21 Sep 2022 15:36:18 GMT
Date: Wed, 21 Sep 2022 14:08:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 59111
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7b780d39877eea116277625aaa01f1b
d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db
ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wK03Lqow6u4lrQ3QI21klXXHGZqbKYathhCO87k0rZWBbF8o5YYjXw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:05:16 GMT
age: 25393
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8fb4f53-c4a2-4769-939e-c2f7ff562e36.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8fb4f53-c4a2-4769-939e-c2f7ff562e36.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 681b3e236c8b9bc524d935af247ec72b
96048f054243b5a13f14ab3dd9f4a0f3f2e0feae
aaa2f649fd336f89b3c0fc1d9226f8763f5a8cd850826a7f0819ebe7414fbf2a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8fb4f53-c4a2-4769-939e-c2f7ff562e36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7383
x-amzn-requestid: 32b97df0-b979-4e80-a54f-cae77affc915
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy2sHJ_oAMF0bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31c4-2c6db6e21fa1db233a4c1f49;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bmxUC0kur2YyFURbaNuBfgoyC3_l6XVfmKAyA-41jFdjBN2bY60GkQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:04 GMT
etag: "96048f054243b5a13f14ab3dd9f4a0f3f2e0feae"
content-type: image/jpeg
age: 59245
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 14:38:21 GMT
age: 84608
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hDCOWNm2vFa9h7BffUJwcwZ6i27jM2qBuSTasH9q_wsQ9oNWhVpQCg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:47:24 GMT
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
age: 58865
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a504981ee10d8341b64f19001464ae8a
56f228d7358ba9deef000f53214dc7c1dc358109
0ea3b6ed12f3adf9d56e7d9b61f284d28107d99f28ee4e66b4c078a9a1a0cbee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8861
x-amzn-requestid: 873e88ab-7afc-4b14-b428-d90ec2079741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO2wuE0AoAMF7Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3804-0d25ab397a16c78907914e23;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UStTyIXPucbY9WmDl3W5bTyeT-2SJ5CTUjv8TLeexqZtKd1p2sJrNA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 03:25:34 GMT
age: 38575
etag: "56f228d7358ba9deef000f53214dc7c1dc358109"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sullivanpaintinginc.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js
216.152.143.240 200 OK 465 B URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (1164), with no line terminators
Hash ae9e1ea6af46bf62a7469101eb4a8f55
e94958da3bfd259c99019190f6c4e449e0c16aee
bbf28048044a88f7b3f682c682dea0b058d7ff7e98daf046f6f161517e97fafa
Analyzer Verdict Alert fortinet Phishing
GET /cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript
Content-Length: 465
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:41 GMT
ETag: "48c-5d727b3a6c8f4-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 71803695 72983062
Age: 2778
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/cms_websites/cms_theme_custom_css.php?ver=248_11
216.152.143.240 200 OK 8.4 kB URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/cms_theme_custom_css.php?ver=248_11
IP 216.152.143.240:0
File type ASCII text, with very long lines (483)
Hash 2c4b91c9eee090790f2f9500b21960a3
ff3020cfcff7cdf54983ea1365ce111f8822544f
336027df12f5b20aa1dad52a50300aa5319baf5c69b4d0860b443343e0bf5116
Analyzer Verdict Alert fortinet Phishing
GET /cms_websites/cms_theme_custom_css.php?ver=248_11 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 8440
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 73445842 69684674
Age: 5
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/cms_websites/cms_custom_css.php?ver=248_11
216.152.143.240 200 OK 3.4 kB URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/cms_custom_css.php?ver=248_11
IP 216.152.143.240:0
File type ASCII text, with very long lines (443)
Hash af6cfac463e458f4a779100b8e44351f
fc843a22eb110fdf842ece1c4dbb6e72ffe97109
fcdd8b1b5ee1be506bb0ca1380592c8dba860ee68dc05ea3ea8de3ab718ddf89
Analyzer Verdict Alert fortinet Phishing
GET /cms_websites/cms_custom_css.php?ver=248_11 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 3430
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 68287406 64447948
Age: 413
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/wp-includes/js/underscore.min.js?ver=1.8.3
216.152.143.240 200 OK 5.8 kB URL HTTP/1.1 sullivanpaintinginc.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP 216.152.143.240:0
File type ASCII text, with very long lines (16194)
Hash 0de80519eb796dc06fa34efcf454c797
1274f536f1c2c51ad2b0c0f121da21cc43854ea5
059bc818c4f66d482fcd7a623fde7a0c66d9767f49a0fca0eed2fb4a6ccfdbf6
GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript
Content-Length: 5822
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 19:18:32 GMT
ETag: "401a-59379a2a64404-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 70517476
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/cms_websites/tools/GAEventTracking/js/scripts.min.js
216.152.143.240 200 OK 517 B URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/tools/GAEventTracking/js/scripts.min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (1015), with no line terminators
Hash 09a9e3bc0d18d851d1276481ed543c9e
87f953897b9f07e27e0b080a4320a9b78fc80167
9293803448e5928f3b09835cf60749954d6f5e303f176e63b988dc0079a744bb
Analyzer Verdict Alert fortinet Phishing
GET /cms_websites/tools/GAEventTracking/js/scripts.min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript
Content-Length: 517
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:34 GMT
ETag: "3f7-5d727b339bba1-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 66260559 70094957
Age: 2052
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js
216.152.143.240 200 OK 433 kB URL HTTP/1.1 sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (65350)
Size 433 kB (432702 bytes)
Hash aa24aa3a0a9984210198ac91297db647
2108d2f01c37149228877a9672d866c08f5daee6
ce55bf8849d63b8767c7fd032fb9277ffec0bb103ca26ad3b66b330208f3855f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript
Content-Length: 432702
Connection: keep-alive
Last-Modified: Fri, 12 Jun 2020 00:07:26 GMT
ETag: "11e248-5a7d7dcb4d5ff-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 70517474 70452970
Age: 38
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/tj642X385.png
216.152.143.240 200 OK 61 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/tj642X385.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash 1c489c000b428df8a63bdd7b17dc3bc0
40604409cd93ca8f2953db7a202cdc551ebd9aa3
26c814d49311c2495b5d119e29961e8d3bed2d7a72d600d044c44e5c72412ad8
GET /files/2021/08/tj642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: image/png
Content-Length: 60559
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:18 GMT
ETag: "32f0295df92561381f0fe57a28a4c740"
Expires: Fri, 21 Nov 2025 23:20:57 GMT
Vary: Accept-Encoding
X-Varnish: 68287448 69545321
Age: 2052
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/New_Walmart_Logo.svg-e1519222902338.jpg
216.152.143.240 200 OK 14 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/New_Walmart_Logo.svg-e1519222902338.jpg
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 642x385, components 3\012- data
Hash 010c225c2d030c6226f2c7c073291a8d
3dc3de7db6ff28898f3d3cbc1b5382276a088ef1
e449cfdfc4eff75f385d48738f7bd306d4dab821b17cd3f3cb6db363a50dc796
GET /files/2021/08/New_Walmart_Logo.svg-e1519222902338.jpg HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: image/jpeg
Content-Length: 13877
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:57 GMT
ETag: "a3f60a53cc10fcc69329bb02c2dbb3a5"
Expires: Fri, 21 Nov 2025 23:07:53 GMT
Vary: Accept-Encoding
X-Varnish: 73039272 72822748
Age: 2836
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sullivanpaintinginc.com/files/2021/08/verizon642X385.png
216.152.143.240 200 OK 33 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/verizon642X385.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash f8e51ebe06db6f46f5ffe3cc4abd3b41
ae3a580d9969911203f51b98af7332970efd1645
b5364a9235112633f66b79754fd081057624a4a9a52ea099303ff0ad2e97a2f9
GET /files/2021/08/verizon642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 33334
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:49 GMT
ETag: "4257cb474a9860d345de497f4a232a27"
Expires: Fri, 21 Nov 2025 20:52:46 GMT
Vary: Accept-Encoding
X-Varnish: 69861303 66577239
Age: 10943
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/Circle-K.png
216.152.143.240 200 OK 36 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/Circle-K.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash ee59b35401f61a67a1ee4772a2463a24
0a52dbc3c65d70507cc03e1eef31509dcbdde60b
1667de01b6ead446b5fc0db7ffb54cf042308c098819524f159091df2482553c
GET /files/2021/08/Circle-K.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 35784
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:42 GMT
ETag: "8d83e9fd94609f19ad93162380c80054"
Expires: Fri, 21 Nov 2025 23:49:10 GMT
Vary: Accept-Encoding
X-Varnish: 73039277 73499699
Age: 360
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/La-Fitness.png
216.152.143.240 200 OK 40 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/La-Fitness.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash 8a4218de366f5961ed9ecdce63d21c5f
83edba3651484b8da1a78727bcb7fac790fb274f
b580fb3909ffa90604d4256aaf73be4e9dc1c8d6903c43f7c879d1267719f009
GET /files/2021/08/La-Fitness.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: image/png
Content-Length: 39453
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:36 GMT
ETag: "65f838cec5daa4e0a380884694157f29"
Expires: Fri, 21 Nov 2025 23:55:09 GMT
Vary: Accept-Encoding
X-Varnish: 70192718
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
www.googletagmanager.com/gtm.js?id=GTM-N77HQ5X
142.250.74.72 200 OK 39 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N77HQ5X
IP 142.250.74.72:0
Hash 6b755efde426ec18cc05e239a780b227
1128c187853b8670876d59f99293537201013c3a
95939747167c791578a6b03f2144d44dca4b89787251155fb1e87debd383e64a
GET /gtm.js?id=GTM-N77HQ5X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 14:08:30 GMT
expires: Wed, 21 Sep 2022 14:08:30 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37714
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sullivanpaintinginc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:40:18 GMT
expires: Fri, 15 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 509292
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
142.250.74.163 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Hash e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sullivanpaintinginc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:38:37 GMT
expires: Tue, 19 Sep 2023 21:38:37 GMT
cache-control: public, max-age=31536000
age: 145793
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sullivanpaintinginc.com/cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048
216.152.143.240 200 OK 16 kB URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048
IP 216.152.143.240:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, tsi-cms \012- data
Hash d7e0105a1d89d3a302e09d50c6d808c9
34eb40751fb3f70ffbae2f4270eb73b54349d982
cab4658b86b05ecfabd81a7f07837ff0d3a38cad66972bc583b7c3b1e1eb00ad
GET /cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: application/font-sfnt
Content-Length: 16112
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:42 GMT
ETag: "3ef0-5e8acea0cc45e"
Vary: Accept-Encoding
X-Varnish: 70517539 68919309
Age: 10418
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/marriott642X385.png
216.152.143.240 200 OK 87 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/marriott642X385.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash a28a41b221c3d4848b1363167650a564
967bdeba91dd04c898e934e8000de3821811863a
e1c3e218cae1056e8841236bfd0039e0ecae4605beb13b651d9c1ea481d24fb6
GET /files/2021/08/marriott642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: image/png
Content-Length: 86901
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:11 GMT
ETag: "199a03903326686b02b329fa48f80b78"
Expires: Fri, 21 Nov 2025 21:02:07 GMT
Vary: Accept-Encoding
X-Varnish: 70294205 68765033
Age: 10382
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sullivanpaintinginc.com/files/2021/08/cbre642X385-01.png
216.152.143.240 200 OK 70 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/cbre642X385-01.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash 266a961fdc43c8e249dcdd300abeaa20
003ca4e7fd5519a29f2a1bb8f5be4c7d4b965528
43aaf15c95d81e59cf998e26d7c5876b65938cc2d96e014bb2d47b87fa558b03
GET /files/2021/08/cbre642X385-01.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: image/png
Content-Length: 69950
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:29 GMT
ETag: "b18c1d3bddf6843faa2d46f2a7b75d50"
Expires: Fri, 21 Nov 2025 23:55:09 GMT
Vary: Accept-Encoding
X-Varnish: 68287450
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif
216.152.143.240 200 OK 1.1 kB URL HTTP/1.1 sullivanpaintinginc.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif
IP 216.152.143.240:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 2a07edce0f76003d12f3693e7f62edc2
661766632e5fa48d967f8ed7ae8c0df2a4dead06
039a26881ec489fa598d5cc7b46025fc32b0f2c963f8fd904bf48799af646eb7
GET /wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/cms_theme_custom_css.php?ver=248_11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/gif
Content-Length: 1097
Connection: keep-alive
Last-Modified: Fri, 11 Oct 2013 16:05:10 GMT
ETag: "449-4e87948635980"
Vary: Accept-Encoding
X-Varnish: 70294230 69685690
Age: 2052
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/ph642X385.png
216.152.143.240 200 OK 147 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/ph642X385.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size 147 kB (146961 bytes)
Hash 7ea8d1d877680ab303f0e39b8a2bf72a
b24e15bf90f81a8842c3af9df9c5506804f17a95
469a12770a5756186a08eab34917369264c3d2a45c7c26aa6904c9e7f7f4a22c
GET /files/2021/08/ph642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: image/png
Content-Length: 146961
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:24 GMT
ETag: "90793a01df7212c5ed393de4c9f03a7b"
Expires: Fri, 21 Nov 2025 20:19:43 GMT
Vary: Accept-Encoding
X-Varnish: 70116162 68591826
Age: 12926
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/carhartt642X385-2.png
216.152.143.240 200 OK 70 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/carhartt642X385-2.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash e366800160d4fbe1bf6a5ceff50002c2
6552a3fde6730f8fa9e24e1f491fc13b238eb96d
c1674d2fb5bcf644137ece81931800c5f6a19142f040247f0c0711e908580e18
GET /files/2021/08/carhartt642X385-2.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 70107
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:43 GMT
ETag: "94ee14cd537b9ce21a06ad1a46115b9f"
Expires: Fri, 21 Nov 2025 23:54:34 GMT
Vary: Accept-Encoding
X-Varnish: 69861328 67030961
Age: 36
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
secure.adnxs.com/px?id=1510158&t=1
37.252.172.250 307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/px?id=1510158&t=1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?id=1510158&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
AN-X-Request-Uuid: 5b46e39e-daef-4028-b33b-c8ba429e96a2
Set-Cookie: uuid2=5876175439339828919; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 14:08:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/seg?add=27369987&t=1
37.252.172.250 307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=27369987&t=1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=27369987&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
AN-X-Request-Uuid: 3efbde5f-2943-489e-a0da-38ca74b7a4ef
Set-Cookie: uuid2=605953839671407395; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 14:08:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
37.252.172.250 200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fpx%3Fid%3D1510158%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 9750f9fe-4a33-4209-94cb-27b2f8f34aaf
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
37.252.172.250 200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D27369987%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: af27bf51-8e49-43ce-aef0-8a11d160ba4d
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVNtt5`1!]tbP6j2F-XstGt!@Ds)$vBtX; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 14:08:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630
216.152.143.240 200 OK 86 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 2b9604bb4b6615251d5955dd61211ac3
1a97e25f5a7a4703d44a7591535893226220c953
c67877150284b77e762c1ff3c591a1b8f2af9ef01f38ddfc15bbdadac361a094
GET /files/2021/08/photo-12.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 85883
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 11:15:03 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 11:15:03 GMT
Vary: Accept-Encoding
X-Varnish: 68287462 68431401
Age: 10407
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/heartland-dental642X385.png
216.152.143.240 200 OK 105 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/heartland-dental642X385.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size 105 kB (105276 bytes)
Hash 4b17eee02cf1c348f87cc99e9faccf7c
038539950e2a61aaef8025e5c22c9b478454aa35
1a746f25d06f2b8f01662ef5e6d2b38cefbc7252e6bac2d1252b6b065c2421d0
GET /files/2021/08/heartland-dental642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 105276
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:05 GMT
ETag: "ed923566ac9ac40d283d239176a730b6"
Expires: Fri, 21 Nov 2025 23:54:31 GMT
Vary: Accept-Encoding
X-Varnish: 73445865 73004230
Age: 39
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/Yard-House-642X385.png
216.152.143.240 200 OK 116 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/Yard-House-642X385.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size 116 kB (115825 bytes)
Hash 906667ca55e1933d00f141b91df8842a
bca4b54f7d423d98cd9bbef9be3845b44a92b8cd
6d39e845e98f3f03fef65860b89c033ac9cb46c499bf04e9b1a2461a110420af
GET /files/2021/08/Yard-House-642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 115825
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:39:04 GMT
ETag: "532ebaa663f5cbce17a23419b525f03a"
Expires: Fri, 21 Nov 2025 23:48:03 GMT
Vary: Accept-Encoding
X-Varnish: 61209387 64447801
Age: 426
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/rightcev.png
216.152.143.240 200 OK 182 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/rightcev.png
IP 216.152.143.240:0
File type PNG image data, 800 x 533, 8-bit colormap, non-interlaced\012- data
Size 182 kB (181512 bytes)
Hash 54a408a7503181ecb9f1c59fe829d4e5
03a7ffc802057a8186135301d4385f1028d195d4
5c6320e88131f1acd1d3020dcda7058fc3df8cdb870715378952a7b99911a8ca
GET /files/2021/08/rightcev.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 181512
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:59:00 GMT
ETag: "7afd0d12b2b735c2c92c42a4ec77cd2b"
Expires: Fri, 21 Nov 2025 20:27:52 GMT
Vary: Accept-Encoding
X-Varnish: 70116173 68596346
Age: 12437
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630
216.152.143.240 200 OK 58 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 142d9e9d8d9577418061b2714ade1e59
9fec5f85f6a0d2d08b8fc4ed222e2352e616ccee
3d3d17493567a4a2a2d8497af98ef85e6dedc97c9a2d62742e9ce1b010b6916d
GET /files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 58206
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 14:01:23 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 14:01:23 GMT
Vary: Accept-Encoding
X-Varnish: 70116194 70199102
Age: 426
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/photo-6-scaled.jpg?w=1600&a=t
216.152.143.240 200 OK 440 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-6-scaled.jpg?w=1600&a=t
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1500x1125, components 3\012- data
Size 440 kB (440545 bytes)
Hash 9ab33668b61cdbcbaa3ef332c603f896
9d6e20cb5bb3ddf4b7536cf584a9fdf30cb4211f
58abc67ef66ffea7dc2341f6e1b740dcdb3f9d38b8ab4935acff1b553e4e47a0
GET /files/2021/08/photo-6-scaled.jpg?w=1600&a=t HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 440545
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 13:04:46 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 13:04:46 GMT
Vary: Accept-Encoding
X-Varnish: 71803712 72909073
Age: 3823
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630
216.152.143.240 200 OK 75 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 6d24dbcbceca6403670bbcba5e6a93c6
95472cfee45aa20a4dc28e790ddbf1deca8d496a
580d3f257d6c81d42af0324e1dd67353cd333a5464eed646495c7357057e7426
GET /files/2021/08/photo-6-1.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 74821
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 13:34:21 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 13:34:21 GMT
Vary: Accept-Encoding
X-Varnish: 65760158 69359221
Age: 2049
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630
216.152.143.240 200 OK 70 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 85218ac3a29d5549169b79dc31a8d431
4bb8a6ef163baa5ae3689cf8e24cbadb65a0f0b8
6f8a63a7d2b2ca47a29c0f55f1ed42cf8441599e43e16319086aabd498f36eab
GET /files/2021/08/photo-4-1.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 69783
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 11:14:52 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 11:14:52 GMT
Vary: Accept-Encoding
X-Varnish: 73005406 72131379
Age: 10417
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/19466372_1516307811772997_451783811888021088_o.jpg
216.152.143.240 200 OK 166 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/19466372_1516307811772997_451783811888021088_o.jpg
IP 216.152.143.240:0
File type JPEG image data, progressive, precision 8, 2048x728, components 3\012- data
Size 166 kB (166017 bytes)
Hash 7adec28d845a0571b818af4b44766454
bbb85ff9515c7592a46e8971c1e176c24ab1d2c8
5963f13a0fc1a118485c1bec965302ce6b6cd7a245ed7d30aafa06af9559a79f
GET /files/2021/08/19466372_1516307811772997_451783811888021088_o.jpg HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 166017
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 14:12:54 GMT
ETag: "d2f8968e4f06d613b19f4db5029cf4e6"
Expires: Fri, 21 Nov 2025 20:52:46 GMT
Vary: Accept-Encoding
X-Varnish: 73698995 71711235
Age: 10944
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/photo-20-1.jpg?w=1600&a=t
216.152.143.240 200 OK 403 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-20-1.jpg?w=1600&a=t
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1500x1125, components 3\012- data
Size 403 kB (403434 bytes)
Hash c240df93704b267b7e4b87c4adf05c03
a98dfbd6c2a97041b68b9609eac7cd30f606ec49
abd0410aa32674a6b62b0608a727099e621d44f04bc5d89e729d1ff84db7c3d0
GET /files/2021/08/photo-20-1.jpg?w=1600&a=t HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 403434
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 11:06:35 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 11:06:35 GMT
Vary: Accept-Encoding
X-Varnish: 70116184 68277669
Age: 10914
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/Walgreens642X285.png
216.152.143.240 200 OK 108 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/Walgreens642X285.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size 108 kB (108477 bytes)
Hash 47a103ed57a7d665591700e746bec89e
368dd40445452b14f499e9e1f001a7716d1d3f1f
2cb95706eeee3125153d93a4447d4ba6ecdc498ac1ca471ae0c337bef0d8bd9d
GET /files/2021/08/Walgreens642X285.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 108477
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:34 GMT
ETag: "9257216b12053974078234b516f7ee95"
Expires: Fri, 21 Nov 2025 23:28:07 GMT
Vary: Accept-Encoding
X-Varnish: 65760177 69830886
Age: 1622
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/clark642X385-1.png
216.152.143.240 200 OK 74 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/clark642X385-1.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e1b1d258af43ae0c28c50aedab52d9e
c9becefe17eb30b5c197b108747c518868ae4fe6
b68e4b809430eb9cd6ad8168396efd683ee426f986ac5a27c832b0e5dac53bb1
GET /files/2021/08/clark642X385-1.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 74279
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:49 GMT
ETag: "8c76ceef6c44fa14e57e436133eccff5"
Expires: Fri, 21 Nov 2025 23:21:23 GMT
Vary: Accept-Encoding
X-Varnish: 70116212 70063215
Age: 2026
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif
216.152.143.240 302 Found 0 B URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif
IP 216.152.143.240:0
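Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of zero-length input, consistent with the 0 B body of this 302 response; they match any empty response and do not identify content from this host.)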
GET /cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://sullivanpaintinginc.com
Vary: Accept-Encoding
X-Varnish: 73005419 73109913
Age: 2836
Via: 1.1 varnish (Varnish/5.2)
sullivanpaintinginc.com/files/2021/08/container642X385-2.png
216.152.143.240 200 OK 90 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/container642X385-2.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash 7495f836d4b02c725fcaf0b6ced3e097
7fe889b299d9913fb592a5042551ebf69d6469dd
987911300894b928499c9fe309b613058988b001ca15018959ef12f7ff3c6191
GET /files/2021/08/container642X385-2.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 90104
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:57 GMT
ETag: "5422b25c2baaf08f8c179a0fa217742b"
Expires: Fri, 21 Nov 2025 22:51:26 GMT
Vary: Accept-Encoding
X-Varnish: 69861360 69592109
Age: 3824
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630&ct=1
216.152.143.240 200 OK 86 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630&ct=1
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 2b9604bb4b6615251d5955dd61211ac3
1a97e25f5a7a4703d44a7591535893226220c953
c67877150284b77e762c1ff3c591a1b8f2af9ef01f38ddfc15bbdadac361a094
GET /files/2021/08/photo-12.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 85883
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 10:23:34 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 10:23:34 GMT
Vary: Accept-Encoding
X-Varnish: 65760179 68119785
Age: 13496
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630&ct=1
216.152.143.240 200 OK 58 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630&ct=1
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 142d9e9d8d9577418061b2714ade1e59
9fec5f85f6a0d2d08b8fc4ed222e2352e616ccee
3d3d17493567a4a2a2d8497af98ef85e6dedc97c9a2d62742e9ce1b010b6916d
GET /files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 58206
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 10:41:12 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 10:41:12 GMT
Vary: Accept-Encoding
X-Varnish: 69811702 68209066
Age: 12438
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630&ct=1
216.152.143.240 200 OK 70 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630&ct=1
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 85218ac3a29d5549169b79dc31a8d431
4bb8a6ef163baa5ae3689cf8e24cbadb65a0f0b8
6f8a63a7d2b2ca47a29c0f55f1ed42cf8441599e43e16319086aabd498f36eab
GET /files/2021/08/photo-4-1.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 69783
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 10:41:12 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 10:41:12 GMT
Vary: Accept-Encoding
X-Varnish: 70192758 68582010
Age: 12438
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630&ct=1
216.152.143.240 200 OK 75 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630&ct=1
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 6d24dbcbceca6403670bbcba5e6a93c6
95472cfee45aa20a4dc28e790ddbf1deca8d496a
580d3f257d6c81d42af0324e1dd67353cd333a5464eed646495c7357057e7426
GET /files/2021/08/photo-6-1.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 74821
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 13:21:14 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 13:21:14 GMT
Vary: Accept-Encoding
X-Varnish: 69841448 69376958
Age: 2836
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/leftcev.png
216.152.143.240 200 OK 50 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/leftcev.png
IP 216.152.143.240:0
File type PNG image data, 601 x 351, 8-bit colormap, non-interlaced\012- data
Hash cd70395d31ef8ab4cbdc7c36ff756769
3975cb835f44b616af84477f40de8bb734447c40
1ec7acfb8cafb1680154f0a73c5b9949eef4978eed69f6f9f21ec3fe91e483ce
GET /files/2021/08/leftcev.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 50493
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:59:00 GMT
ETag: "7afd0d12b2b735c2c92c42a4ec77cd2b"
Expires: Fri, 21 Nov 2025 23:55:10 GMT
Vary: Accept-Encoding
X-Varnish: 70294243
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/
216.152.143.240 200 OK 7.8 kB IP 216.152.143.240:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1108), with CRLF, LF line terminators
Hash f9cedec3650a1c6404cb1296bd86434e
f465e66cfcb8252d73da229cd56e322b43ab8f74
7ecad5d64bb70ca82e97e749d000586cd2c6927ec59fb7843a72609eedc96fbb
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7822
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 61209399 70000767
Age: 115
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/leftcev.png?w=720&h=NaN&ct=1
216.152.143.240 200 OK 364 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/leftcev.png?w=720&h=NaN&ct=1
IP 216.152.143.240:0
File type PNG image data, 720 x 420, 8-bit/color RGBA, non-interlaced\012- data
Size 364 kB (363860 bytes)
Hash 7c0c58c19a31d93e6dc4384d53bd6388
cfce4a9c71536775974c3d473a5c998cb3eaec5c
9a356ee5800cc5ce323e99f784c39057cfc5444d2f9c9aa53e62d79b353da49b
GET /files/2021/08/leftcev.png?w=720&h=NaN&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 363860
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 11:15:03 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 11:15:03 GMT
Vary: Accept-Encoding
X-Varnish: 68287506 68431414
Age: 10407
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/cms_websites/img/tsm-favicon.ico
216.152.143.240 200 OK 32 kB URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/img/tsm-favicon.ico
IP 216.152.143.240:0
File type MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash c7f1c4f34424d5247f9a2a24f3e2372c
247102bcd8a2a36f1dfa16a652002ade82ffa1b0
ed829bc8a78f82c88e5d0bcfb368a9f714b6c758b0354b057f9e083dfa4ddd6b
Analyzer Verdict Alert fortinet Phishing
GET /cms_websites/img/tsm-favicon.ico HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 32038
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 19:18:17 GMT
ETag: "7d26-59379a1c44599"
Vary: Accept-Encoding
X-Varnish: 73445912 72969800
Age: 434
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/bkgs/ajax-loader.gif
216.152.143.240 302 Found 0 B URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/bkgs/ajax-loader.gif
IP 216.152.143.240:0
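Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of zero-length input, consistent with the 0 B body of this 302 response; they match any empty response and do not identify content from this host.)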
GET /cms_websites/css/dist/beacon-theme_charlotte/bkgs/ajax-loader.gif HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Cookie: __utma=107688448.797441652.1663769311.1663769311.1663769311.1; __utmb=107688448.2.10.1663769311; __utmc=107688448; __utmz=107688448.1663769311.1.1.utmcsr=EmailMarketing|utmccn=Merge%203%20(1st%20email)|utmcmd=email; __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 21 Sep 2022 14:08:31 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://sullivanpaintinginc.com
Vary: Accept-Encoding
X-Varnish: 73058043 72008431
Age: 10914
Via: 1.1 varnish (Varnish/5.2)
sullivanpaintinginc.com/
216.152.143.240 200 OK 7.8 kB IP 216.152.143.240:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1108), with CRLF, LF line terminators
Hash f9cedec3650a1c6404cb1296bd86434e
f465e66cfcb8252d73da229cd56e322b43ab8f74
7ecad5d64bb70ca82e97e749d000586cd2c6927ec59fb7843a72609eedc96fbb
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Connection: keep-alive
Cookie: __utma=107688448.797441652.1663769311.1663769311.1663769311.1; __utmb=107688448.2.10.1663769311; __utmc=107688448; __utmz=107688448.1663769311.1.1.utmcsr=EmailMarketing|utmccn=Merge%203%20(1st%20email)|utmcmd=email; __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:31 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7822
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 69793622 62604928
Age: 114
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1002d7b2-c264-4e0d-a7db-a4c5299eda73.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1002d7b2-c264-4e0d-a7db-a4c5299eda73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c523ffabe9e2288c7e6951ba0bc4c5d1
0d93de1e5f6a5c64116accbd61d003c349664483
b509944b3e30e23d3983a52e30ce228c29a0d821720794555863f97286d8c70c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1002d7b2-c264-4e0d-a7db-a4c5299eda73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4296
x-amzn-requestid: c85bf15a-42ec-48d0-a8c6-72be1c66f0af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7VTGWMoAMF3fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257288-0396631418a153b5719363f6;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:08:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GpNFRpRcL5wLzPbd0GwW7BWYBDH9q-tEuECtoxDAD4RJmphpia8S5g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:41:42 GMT
age: 55614
etag: "0d93de1e5f6a5c64116accbd61d003c349664483"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sullivanpaintinginc.com/cms_websites/js/external/scripts.js
216.152.143.240 200 OK 0 B URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/js/external/scripts.js
IP 216.152.143.240:0
Analyzer Verdict Alert fortinet Phishing
GET /cms_websites/js/external/scripts.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript
Content-Length: 120679
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:48 GMT
ETag: "634a9-5c189ea477bf3-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 69793556 69963887
Age: 2865
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11
IP 142.250.74.10:0
GET /css?family=Source+Sans+Pro%3A400%2C700&ver=248_11 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 14:08:29 GMT
date: Wed, 21 Sep 2022 14:08:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2