Report - 105344.io.directiq12.com/hit?sid=55dvp3u3ev55mb9dnp&linkid=1&link=d0217573b75f4ef18b093bad29d123bb

Report Overview

Submitted URL
105344.io.directiq12.com/hit?sid=55dvp3u3ev55mb9dnp&linkid=1&link=d0217573b75f4ef18b093bad29d123bb
IP
34.232.96.61
ASN
#14618 AMAZON-AES
Submitted
2022-09-21 14:08:38
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.148.228.45
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	941 B	143.204.42.158
105344.io.directiq12.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	501 B	252 B	34.232.96.61
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
sullivanpaintinginc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	23 kB	3.9 MB	216.152.143.240
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	7.0 kB	142.250.74.3
secure.adnxs.com	396	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	6.5 kB	37.252.172.250
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	995 B	51 kB	142.250.74.163
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	746 B	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	437 B	8.4 kB	142.250.74.106
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	70 kB	34.120.237.76
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	39 kB	142.250.74.72
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
www.sullivanpaintinginc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	930 B	838 B	216.152.143.240

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-21	medium	sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1	Phishing
2022-09-21	medium	sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js	Phishing
2022-09-21	medium	sullivanpaintinginc.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js	Phishing
2022-09-21	medium	sullivanpaintinginc.com/cms_websites/cms_theme_custom_css.php?ver=248_11	Phishing
2022-09-21	medium	sullivanpaintinginc.com/cms_websites/cms_custom_css.php?ver=248_11	Phishing
2022-09-21	medium	sullivanpaintinginc.com/cms_websites/tools/GAEventTracking/js/scripts.min.js	Phishing
2022-09-21	medium	sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js	Phishing
2022-09-21	medium	sullivanpaintinginc.com/	Phishing
2022-09-21	medium	sullivanpaintinginc.com/cms_websites/img/tsm-favicon.ico	Phishing
2022-09-21	medium	sullivanpaintinginc.com/	Phishing
2022-09-21	medium	sullivanpaintinginc.com/cms_websites/js/external/scripts.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)	265 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash 4e2951b0dc01ad6edd734f4cc3194479 f0c7bcd78164f698004c66d2a4fff605ac2d4ff9 531a1cb7803c87366150c227ec711f62e6ac876947a42f81c44809e27b9851eb Loading...

	www.googletagmanager.com/gtm.js?id=GTM-N77HQ5X	97 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-N77HQ5X IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:35:00 Last Seen2023-03-07 22:35:00 Times Seen1 Hash 1ebff59e1533ef5b3650fb2f02cab6a0 12634a7396f3ffb876c63ac1fbd4bb7b6534cb8f a65aec1d21e0ce08b4c72125d163c4ee1ae56e55f3bb4e0839aebe6c6a9b8379 Loading...

	sullivanpaintinginc.com/cms_websites/js/external/scripts.js	407 kB	2023-03-07	2023-03-14
Pretty URL sullivanpaintinginc.com/cms_websites/js/external/scripts.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-14 06:47:02 Times Seen1 Hash 4a577c9981aa1b4382753aad507b39c6 88544dd831c5b7d15c9864813bfa85b90538afe3 f6e0a49a81916892daf64a97d9ccc1230323161ed2b6b1815eb174e4fe2d6c78 Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)	263 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash 45664c7a985772bd17a9046c95afd66b 0257939ec8d25b72e3b7dfcedcf122d525958826 60f0ff0c3382b39cb6987fd04897a0602b815eeba4dc8c6987c97a2e39ac7b20 Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)	159 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash ced9ca672a04f20634cd719a3a2d90ed aee7348f881a84ad3c41ba5707b5b2d815b247eb 03a36cf94dfbcaa46387127dd4a76a0514cba1483fc589dee617848596e27cf0 Loading...

	sullivanpaintinginc.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js	1.2 kB	2023-03-07	2024-01-31
Pretty URL sullivanpaintinginc.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-31 16:23:41 Times Seen37 Hash 02e2d3983e38c9bce62b5a450d8ef056 075d832d09eb6ec64df1205e5a23644c9657450c e45a2dc0c3d0072db0ad96e13e64a8ebabf7f36cd0cec49932117a6c2998931b Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)	263 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash b2bbd34b77eebd6f40a769216503882d e1d37d592784bf6cfb71e762a297e7114b4067f2 71b2fc6ecdd92a8acd8a3fadd7e533a0d36e30f163cf18b5223912840450ab0a Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)	341 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash fa03b876dbbdaf962f567095ce032801 ad8c4326fe1a1f53b87055d66732014a4ed6f199 3ced874adf1ce93d3dc6c5173296b379fbc7955598c4a20162f687778038b3f8 Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)	867 B	2023-03-07	2023-03-07
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:35:00 Last Seen2023-03-07 22:39:14 Times Seen1 Hash 9b56d93667008629da55e0d9d1cc7b60 e9d5cba78925a1b623eefcc46c3bcc7ea8893fea 46f67abdabcf003ae7fb9e5eb59eddad73fc32447dfd86e6128abf4c5da5f723 Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)	109 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash e56710597cef5225bdf3ef31c94569aa d3b4cca529aab07699b3ad27887aa7ce4d4aa3bd 2c7088fa1eaccb9399b163ae606b28d17ef5dff8e3d596ad67b0a49e9344162f Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)	74 B	2023-03-07	2024-01-05
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-05 14:28:13 Times Seen13 Hash 0ca1d59c845951c81df3723cf6e06509 77d9dd33d3dc07adc4608a84eccb29c836e0ec15 f298881955505374d260f5586d86a2ac4db77f061b0bf2ddadde8c7ce3dd9b41 Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)	714 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash be071629c0b0948d8547ba0f2fcad121 1de11621251fa3a410581aed3b4afc686fa774c6 eabde0fae5d8088af24b2ad5b184c4228ccbefc0779969f42bcf30323587f128 Loading...

	ssl.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL ssl.google-analytics.com/ga.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js	98 kB	2023-03-07	2023-03-08
Pretty URL sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-08 06:45:14 Times Seen1 Hash d8973c54076e6d031f72fe15b6b43f69 f080d8bdc42a3a08e7145237eade58cf5f069633 6d8cbebbfced3ffd968a2d4c860fefa0e316f4d84bf124ec1e31f44e6c3b670e Loading...

	sullivanpaintinginc.com/wp-includes/js/underscore.min.js?ver=1.8.3	16 kB	2023-03-07	2024-04-22
Pretty URL sullivanpaintinginc.com/wp-includes/js/underscore.min.js?ver=1.8.3 IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:25 Last Seen2024-04-22 17:35:36 Times Seen1233 Hash 6a3a434a1360cc744341e97de9177bc6 d110825c3252a677ce8b6fd81cd2eda0201e4e1b 4f5b2528815d8b1cd9b68b1a4bb1fe689696f8dcbc2c4a5104343b886ee68828 Loading...

	sullivanpaintinginc.com/cms_websites/tools/GAEventTracking/js/scripts.min.js	1.0 kB	2023-03-07	2024-01-31
Pretty URL sullivanpaintinginc.com/cms_websites/tools/GAEventTracking/js/scripts.min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-31 16:23:41 Times Seen37 Hash 880a1ec15331350293dc0001fddbdd05 8287010cbfd5bfa9d20b71c6320f91c0a73f0275 193eafafb10fe21b2fa8251fd5734649c077f9d19fa217fb19967189c96094ec Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)	1.1 kB	2023-03-07	2024-01-04
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-04 13:47:19 Times Seen11 Hash be124bf710c176bc7dd8b62e6fd800e1 dd0cdb7937fd85443df8534151d62be9585602cc e15fd73fb64288c82b018aa822331e6cfde3506f7051e314f9999f4f0d1f9bf6 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 01:38:13 Times Seen37052289 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)	261 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash 9f0001191ca50aa4c7b0d429e6f980f8 092fc358e5952aede1ae39f24744e10ffa81ead1 cad240043ab803d947d3f5ea13a29bcac2867af2bb036b4711047881fc938bb7 Loading...

HTTP Transactions (91)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 13:13:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zsZqoxBI-ZVTuxTxehlilnbfZhydNWwJd095MUFN3_T-5uibfgJPJQ==
Age: 3292

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7128
Expires: Wed, 21 Sep 2022 16:07:15 GMT
Date: Wed, 21 Sep 2022 14:08:27 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: J46vb6W3uKzyql3_4mzrOpuDgr2NoC34WNnEz_3QX55AfMoD9scCzA==
age: 34394
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 14:08:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e1a5f4466e9cd1c5e0b93b1b26a07966
af5a8af6b29287dd12604ed02917f0af90226124
9e41876ca054149584bff65d15f135d953cbf043500e131d1c2f66f2534f51d5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 14:08:27 GMT
Last-Modified: Wed, 21 Sep 2022 14:08:24 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: g7xpM1tkJU_L6HDT3Hp-Uo598n4uMmPKczgKK2Nw7LT8XvMRE7n9dw==
Age: 3

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 14:03:22 GMT
Expires: Wed, 21 Sep 2022 14:42:15 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RWwPMqP4Np1dzKpXSFsYzfOhKAgOJQiznjgZQhfeu-EWWYCTgoeoJA==
Age: 305

105344.io.directiq12.com/hit?sid=55dvp3u3ev55mb9dnp&linkid=1&link=d0217573b75f4ef18b093bad29d123bb

34.232.96.61

302 Found

0 B

URL HTTP/2
105344.io.directiq12.com/hit?sid=55dvp3u3ev55mb9dnp&linkid=1&link=d0217573b75f4ef18b093bad29d123bb
IP
34.232.96.61:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /hit?sid=55dvp3u3ev55mb9dnp&linkid=1&link=d0217573b75f4ef18b093bad29d123bb HTTP/1.1
Host: 105344.io.directiq12.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 21 Sep 2022 14:08:27 GMT
content-length: 0
location: http://www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
apigw-requestid: Y0EiXhb4oAMEM0A=
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3036
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:27 GMT
Last-Modified: Wed, 21 Sep 2022 13:17:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)

216.152.143.240

301 Moved Permanently

178 B

URL HTTP/1.1
www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) HTTP/1.1
Host: www.sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 21 Sep 2022 14:08:28 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)

push.services.mozilla.com/

54.148.228.45

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.228.45:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wpc9XFjJijQ54TsPk/OptA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MS2+yXBXBT7tiocmwO5b7fN5vX4=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7d46f8de768a875577f99041641daec7
8b640ff702b62cc8bf5617a40766301091603417
15e69d785afb803e571e54fde6e3239034bf90ee12bc7d93719e9c9dabb45cf5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15E69D785AFB803E571E54FDE6E3239034BF90EE12BC7D93719E9C9DABB45CF5"
Last-Modified: Tue, 20 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21553
Expires: Wed, 21 Sep 2022 20:07:41 GMT
Date: Wed, 21 Sep 2022 14:08:28 GMT
Connection: keep-alive

www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)

216.152.143.240

301 Moved Permanently

0 B

URL HTTP/1.1
www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) HTTP/1.1
Host: www.sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 21 Sep 2022 14:08:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Vary: Accept-Encoding
X-Varnish: 71803628 71923219
Age: 354
Via: 1.1 varnish (Varnish/5.2)

sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)

216.152.143.240

200 OK

7.9 kB

URL HTTP/1.1
sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1108), with CRLF, LF line terminators
Size
7.9 kB (7917 bytes)
Hash
41d09bc094c192759101ce3aca7f5bde
0623b29fffafca6afc888830f6b9c995b1cce98f
f66824128b6e6542b2b2aaeeb99648133fbdca89b0dd2718cb729a3dfaa22e52

HTTP Headers

GET /?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email) HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7917
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 73290466 73378558
Age: 361
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11

142.250.74.106

200 OK

7.3 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (28290)
Size
7.3 kB (7320 bytes)
Hash
29cec33e497be5e450f9703d98efca3b
4bcb24406115ca93d35ba145b78234b6f5e5d135
287e9a460040e8d091b9eb5381be54956185f293a41cadf7586ad05eaf23a012

HTTP Headers

GET /ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 06:39:09 GMT
expires: Sun, 17 Sep 2023 06:39:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 372560
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

secure.adnxs.com/px?id=1510158&t=1

37.252.172.250

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/px?id=1510158&t=1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px?id=1510158&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
AN-X-Request-Uuid: 73b00595-e949-436c-b7a2-a0d52d80c26f
Set-Cookie: uuid2=3522724671875195389; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 14:08:29 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

secure.adnxs.com/seg?add=27369987&t=1

37.252.172.250

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/seg?add=27369987&t=1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /seg?add=27369987&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
AN-X-Request-Uuid: 93671796-d429-4861-9ef4-5d28aae0be61
Set-Cookie: uuid2=9135345457259534417; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 14:08:29 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1

216.152.143.240

200 OK

56 kB

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (728)
Size
56 kB (56238 bytes)
Hash
96e5755dcdc8411f20309eba06090553
673daa8b541f7a365cdf0cd81b6dfbca82e4801b
660487676b070f91f351c10f6f9d76a3273f3d30cab85aa700ad1516cf094b3b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: text/css
Content-Length: 56238
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:43 GMT
ETag: "865b5-5e8acea238e87-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 61209291 68049896
Age: 13876
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1

37.252.172.250

200 OK

0 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fseg%3Fadd%3D27369987%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 5916019b-3f1d-409e-9ccb-c06de4b7c07e
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVRtt5`1!]tbP6j2F-XstGt!@Dr<$ut[T; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 14:08:29 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1

37.252.172.250

200 OK

0 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fpx%3Fid%3D1510158%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 78920dac-e358-4ca2-a0ba-d879773fb50c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js

216.152.143.240

200 OK

24 kB

URL HTTP/1.1
sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (31984)
Size
24 kB (24449 bytes)
Hash
df8cb58860540fe37f48ebdd01d4f7e2
7abdbe3fd4184ea1230dd6f35391778a0a79be88
a5e0db722a02983ddd7c0687cad6b966d7f5f842b80a4c510b390cc6441ee231

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript
Content-Length: 24449
Connection: keep-alive
Last-Modified: Thu, 14 Apr 2022 01:14:53 GMT
ETag: "17d03-5dc930577b34a-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 73039267 72484566
Age: 7414
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5269
Expires: Wed, 21 Sep 2022 15:36:18 GMT
Date: Wed, 21 Sep 2022 14:08:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5269
Expires: Wed, 21 Sep 2022 15:36:18 GMT
Date: Wed, 21 Sep 2022 14:08:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5269
Expires: Wed, 21 Sep 2022 15:36:18 GMT
Date: Wed, 21 Sep 2022 14:08:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5269
Expires: Wed, 21 Sep 2022 15:36:18 GMT
Date: Wed, 21 Sep 2022 14:08:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9201 bytes)
Hash
a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 59111
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12654 bytes)
Hash
f7b780d39877eea116277625aaa01f1b
d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db
ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wK03Lqow6u4lrQ3QI21klXXHGZqbKYathhCO87k0rZWBbF8o5YYjXw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:05:16 GMT
age: 25393
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8fb4f53-c4a2-4769-939e-c2f7ff562e36.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7383 bytes)
Hash
681b3e236c8b9bc524d935af247ec72b
96048f054243b5a13f14ab3dd9f4a0f3f2e0feae
aaa2f649fd336f89b3c0fc1d9226f8763f5a8cd850826a7f0819ebe7414fbf2a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8fb4f53-c4a2-4769-939e-c2f7ff562e36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7383
x-amzn-requestid: 32b97df0-b979-4e80-a54f-cae77affc915
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy2sHJ_oAMF0bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31c4-2c6db6e21fa1db233a4c1f49;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bmxUC0kur2YyFURbaNuBfgoyC3_l6XVfmKAyA-41jFdjBN2bY60GkQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:04 GMT
etag: "96048f054243b5a13f14ab3dd9f4a0f3f2e0feae"
content-type: image/jpeg
age: 59245
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10244 bytes)
Hash
14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 14:38:21 GMT
age: 84608
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10038 bytes)
Hash
dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hDCOWNm2vFa9h7BffUJwcwZ6i27jM2qBuSTasH9q_wsQ9oNWhVpQCg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:47:24 GMT
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
age: 58865
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8861 bytes)
Hash
a504981ee10d8341b64f19001464ae8a
56f228d7358ba9deef000f53214dc7c1dc358109
0ea3b6ed12f3adf9d56e7d9b61f284d28107d99f28ee4e66b4c078a9a1a0cbee

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8861
x-amzn-requestid: 873e88ab-7afc-4b14-b428-d90ec2079741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO2wuE0AoAMF7Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3804-0d25ab397a16c78907914e23;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UStTyIXPucbY9WmDl3W5bTyeT-2SJ5CTUjv8TLeexqZtKd1p2sJrNA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 03:25:34 GMT
age: 38575
etag: "56f228d7358ba9deef000f53214dc7c1dc358109"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sullivanpaintinginc.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js

216.152.143.240

200 OK

465 B

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (1164), with no line terminators
Size
465 B (465 bytes)
Hash
ae9e1ea6af46bf62a7469101eb4a8f55
e94958da3bfd259c99019190f6c4e449e0c16aee
bbf28048044a88f7b3f682c682dea0b058d7ff7e98daf046f6f161517e97fafa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript
Content-Length: 465
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:41 GMT
ETag: "48c-5d727b3a6c8f4-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 71803695 72983062
Age: 2778
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/cms_websites/cms_theme_custom_css.php?ver=248_11

216.152.143.240

200 OK

8.4 kB

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/cms_theme_custom_css.php?ver=248_11
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (483)
Size
8.4 kB (8440 bytes)
Hash
2c4b91c9eee090790f2f9500b21960a3
ff3020cfcff7cdf54983ea1365ce111f8822544f
336027df12f5b20aa1dad52a50300aa5319baf5c69b4d0860b443343e0bf5116

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cms_websites/cms_theme_custom_css.php?ver=248_11 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 8440
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 73445842 69684674
Age: 5
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/cms_websites/cms_custom_css.php?ver=248_11

216.152.143.240

200 OK

3.4 kB

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/cms_custom_css.php?ver=248_11
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (443)
Size
3.4 kB (3430 bytes)
Hash
af6cfac463e458f4a779100b8e44351f
fc843a22eb110fdf842ece1c4dbb6e72ffe97109
fcdd8b1b5ee1be506bb0ca1380592c8dba860ee68dc05ea3ea8de3ab718ddf89

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cms_websites/cms_custom_css.php?ver=248_11 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 3430
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 68287406 64447948
Age: 413
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/wp-includes/js/underscore.min.js?ver=1.8.3

216.152.143.240

200 OK

5.8 kB

URL HTTP/1.1
sullivanpaintinginc.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (16194)
Size
5.8 kB (5822 bytes)
Hash
0de80519eb796dc06fa34efcf454c797
1274f536f1c2c51ad2b0c0f121da21cc43854ea5
059bc818c4f66d482fcd7a623fde7a0c66d9767f49a0fca0eed2fb4a6ccfdbf6

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript
Content-Length: 5822
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 19:18:32 GMT
ETag: "401a-59379a2a64404-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 70517476
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/cms_websites/tools/GAEventTracking/js/scripts.min.js

216.152.143.240

200 OK

517 B

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/tools/GAEventTracking/js/scripts.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (1015), with no line terminators
Size
517 B (517 bytes)
Hash
09a9e3bc0d18d851d1276481ed543c9e
87f953897b9f07e27e0b080a4320a9b78fc80167
9293803448e5928f3b09835cf60749954d6f5e303f176e63b988dc0079a744bb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cms_websites/tools/GAEventTracking/js/scripts.min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript
Content-Length: 517
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:34 GMT
ETag: "3f7-5d727b339bba1-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 66260559 70094957
Age: 2052
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js

216.152.143.240

200 OK

433 kB

URL HTTP/1.1
sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (65350)
Size
433 kB (432702 bytes)
Hash
aa24aa3a0a9984210198ac91297db647
2108d2f01c37149228877a9672d866c08f5daee6
ce55bf8849d63b8767c7fd032fb9277ffec0bb103ca26ad3b66b330208f3855f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript
Content-Length: 432702
Connection: keep-alive
Last-Modified: Fri, 12 Jun 2020 00:07:26 GMT
ETag: "11e248-5a7d7dcb4d5ff-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 70517474 70452970
Age: 38
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/tj642X385.png

216.152.143.240

200 OK

61 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/tj642X385.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
61 kB (60559 bytes)
Hash
1c489c000b428df8a63bdd7b17dc3bc0
40604409cd93ca8f2953db7a202cdc551ebd9aa3
26c814d49311c2495b5d119e29961e8d3bed2d7a72d600d044c44e5c72412ad8

HTTP Headers

GET /files/2021/08/tj642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: image/png
Content-Length: 60559
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:18 GMT
ETag: "32f0295df92561381f0fe57a28a4c740"
Expires: Fri, 21 Nov 2025 23:20:57 GMT
Vary: Accept-Encoding
X-Varnish: 68287448 69545321
Age: 2052
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/New_Walmart_Logo.svg-e1519222902338.jpg

216.152.143.240

200 OK

14 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/New_Walmart_Logo.svg-e1519222902338.jpg
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 642x385, components 3\012- data
Size
14 kB (13877 bytes)
Hash
010c225c2d030c6226f2c7c073291a8d
3dc3de7db6ff28898f3d3cbc1b5382276a088ef1
e449cfdfc4eff75f385d48738f7bd306d4dab821b17cd3f3cb6db363a50dc796

HTTP Headers

GET /files/2021/08/New_Walmart_Logo.svg-e1519222902338.jpg HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: image/jpeg
Content-Length: 13877
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:57 GMT
ETag: "a3f60a53cc10fcc69329bb02c2dbb3a5"
Expires: Fri, 21 Nov 2025 23:07:53 GMT
Vary: Accept-Encoding
X-Varnish: 73039272 72822748
Age: 2836
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sullivanpaintinginc.com/files/2021/08/verizon642X385.png

216.152.143.240

200 OK

33 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/verizon642X385.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
33 kB (33334 bytes)
Hash
f8e51ebe06db6f46f5ffe3cc4abd3b41
ae3a580d9969911203f51b98af7332970efd1645
b5364a9235112633f66b79754fd081057624a4a9a52ea099303ff0ad2e97a2f9

HTTP Headers

GET /files/2021/08/verizon642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 33334
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:49 GMT
ETag: "4257cb474a9860d345de497f4a232a27"
Expires: Fri, 21 Nov 2025 20:52:46 GMT
Vary: Accept-Encoding
X-Varnish: 69861303 66577239
Age: 10943
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/Circle-K.png

216.152.143.240

200 OK

36 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/Circle-K.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
36 kB (35784 bytes)
Hash
ee59b35401f61a67a1ee4772a2463a24
0a52dbc3c65d70507cc03e1eef31509dcbdde60b
1667de01b6ead446b5fc0db7ffb54cf042308c098819524f159091df2482553c

HTTP Headers

GET /files/2021/08/Circle-K.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 35784
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:42 GMT
ETag: "8d83e9fd94609f19ad93162380c80054"
Expires: Fri, 21 Nov 2025 23:49:10 GMT
Vary: Accept-Encoding
X-Varnish: 73039277 73499699
Age: 360
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/La-Fitness.png

216.152.143.240

200 OK

40 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/La-Fitness.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
40 kB (39453 bytes)
Hash
8a4218de366f5961ed9ecdce63d21c5f
83edba3651484b8da1a78727bcb7fac790fb274f
b580fb3909ffa90604d4256aaf73be4e9dc1c8d6903c43f7c879d1267719f009

HTTP Headers

GET /files/2021/08/La-Fitness.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: image/png
Content-Length: 39453
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:36 GMT
ETag: "65f838cec5daa4e0a380884694157f29"
Expires: Fri, 21 Nov 2025 23:55:09 GMT
Vary: Accept-Encoding
X-Varnish: 70192718
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

www.googletagmanager.com/gtm.js?id=GTM-N77HQ5X

142.250.74.72

200 OK

39 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-N77HQ5X
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
data
Size
39 kB (38680 bytes)
Hash
6b755efde426ec18cc05e239a780b227
1128c187853b8670876d59f99293537201013c3a
95939747167c791578a6b03f2144d44dca4b89787251155fb1e87debd383e64a

HTTP Headers

GET /gtm.js?id=GTM-N77HQ5X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 14:08:30 GMT
expires: Wed, 21 Sep 2022 14:08:30 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37714
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.163

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sullivanpaintinginc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:40:18 GMT
expires: Fri, 15 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 509292
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

142.250.74.163

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Size
18 kB (17908 bytes)
Hash
e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

HTTP Headers

GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sullivanpaintinginc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:38:37 GMT
expires: Tue, 19 Sep 2023 21:38:37 GMT
cache-control: public, max-age=31536000
age: 145793
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sullivanpaintinginc.com/cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048

216.152.143.240

200 OK

16 kB

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, tsi-cms \012- data
Size
16 kB (16112 bytes)
Hash
d7e0105a1d89d3a302e09d50c6d808c9
34eb40751fb3f70ffbae2f4270eb73b54349d982
cab4658b86b05ecfabd81a7f07837ff0d3a38cad66972bc583b7c3b1e1eb00ad

HTTP Headers

GET /cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: application/font-sfnt
Content-Length: 16112
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:42 GMT
ETag: "3ef0-5e8acea0cc45e"
Vary: Accept-Encoding
X-Varnish: 70517539 68919309
Age: 10418
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/marriott642X385.png

216.152.143.240

200 OK

87 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/marriott642X385.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
87 kB (86901 bytes)
Hash
a28a41b221c3d4848b1363167650a564
967bdeba91dd04c898e934e8000de3821811863a
e1c3e218cae1056e8841236bfd0039e0ecae4605beb13b651d9c1ea481d24fb6

HTTP Headers

GET /files/2021/08/marriott642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: image/png
Content-Length: 86901
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:11 GMT
ETag: "199a03903326686b02b329fa48f80b78"
Expires: Fri, 21 Nov 2025 21:02:07 GMT
Vary: Accept-Encoding
X-Varnish: 70294205 68765033
Age: 10382
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 14:08:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sullivanpaintinginc.com/files/2021/08/cbre642X385-01.png

216.152.143.240

200 OK

70 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/cbre642X385-01.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
70 kB (69950 bytes)
Hash
266a961fdc43c8e249dcdd300abeaa20
003ca4e7fd5519a29f2a1bb8f5be4c7d4b965528
43aaf15c95d81e59cf998e26d7c5876b65938cc2d96e014bb2d47b87fa558b03

HTTP Headers

GET /files/2021/08/cbre642X385-01.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: image/png
Content-Length: 69950
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:29 GMT
ETag: "b18c1d3bddf6843faa2d46f2a7b75d50"
Expires: Fri, 21 Nov 2025 23:55:09 GMT
Vary: Accept-Encoding
X-Varnish: 68287450
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif

216.152.143.240

200 OK

1.1 kB

URL HTTP/1.1
sullivanpaintinginc.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
1.1 kB (1097 bytes)
Hash
2a07edce0f76003d12f3693e7f62edc2
661766632e5fa48d967f8ed7ae8c0df2a4dead06
039a26881ec489fa598d5cc7b46025fc32b0f2c963f8fd904bf48799af646eb7

HTTP Headers

GET /wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/cms_theme_custom_css.php?ver=248_11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/gif
Content-Length: 1097
Connection: keep-alive
Last-Modified: Fri, 11 Oct 2013 16:05:10 GMT
ETag: "449-4e87948635980"
Vary: Accept-Encoding
X-Varnish: 70294230 69685690
Age: 2052
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/ph642X385.png

216.152.143.240

200 OK

147 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/ph642X385.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
147 kB (146961 bytes)
Hash
7ea8d1d877680ab303f0e39b8a2bf72a
b24e15bf90f81a8842c3af9df9c5506804f17a95
469a12770a5756186a08eab34917369264c3d2a45c7c26aa6904c9e7f7f4a22c

HTTP Headers

GET /files/2021/08/ph642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: image/png
Content-Length: 146961
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:24 GMT
ETag: "90793a01df7212c5ed393de4c9f03a7b"
Expires: Fri, 21 Nov 2025 20:19:43 GMT
Vary: Accept-Encoding
X-Varnish: 70116162 68591826
Age: 12926
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/carhartt642X385-2.png

216.152.143.240

200 OK

70 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/carhartt642X385-2.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
70 kB (70107 bytes)
Hash
e366800160d4fbe1bf6a5ceff50002c2
6552a3fde6730f8fa9e24e1f491fc13b238eb96d
c1674d2fb5bcf644137ece81931800c5f6a19142f040247f0c0711e908580e18

HTTP Headers

GET /files/2021/08/carhartt642X385-2.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 70107
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:43 GMT
ETag: "94ee14cd537b9ce21a06ad1a46115b9f"
Expires: Fri, 21 Nov 2025 23:54:34 GMT
Vary: Accept-Encoding
X-Varnish: 69861328 67030961
Age: 36
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

secure.adnxs.com/px?id=1510158&t=1

37.252.172.250

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/px?id=1510158&t=1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px?id=1510158&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
AN-X-Request-Uuid: 5b46e39e-daef-4028-b33b-c8ba429e96a2
Set-Cookie: uuid2=5876175439339828919; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 14:08:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

secure.adnxs.com/seg?add=27369987&t=1

37.252.172.250

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/seg?add=27369987&t=1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /seg?add=27369987&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
AN-X-Request-Uuid: 3efbde5f-2943-489e-a0da-38ca74b7a4ef
Set-Cookie: uuid2=605953839671407395; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 14:08:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1

37.252.172.250

200 OK

0 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fpx%3Fid%3D1510158%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 9750f9fe-4a33-4209-94cb-27b2f8f34aaf
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1

37.252.172.250

200 OK

0 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fseg%3Fadd%3D27369987%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: af27bf51-8e49-43ce-aef0-8a11d160ba4d
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVNtt5`1!]tbP6j2F-XstGt!@Ds)$vBtX; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 14:08:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630

216.152.143.240

200 OK

86 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
86 kB (85883 bytes)
Hash
2b9604bb4b6615251d5955dd61211ac3
1a97e25f5a7a4703d44a7591535893226220c953
c67877150284b77e762c1ff3c591a1b8f2af9ef01f38ddfc15bbdadac361a094

HTTP Headers

GET /files/2021/08/photo-12.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 85883
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 11:15:03 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 11:15:03 GMT
Vary: Accept-Encoding
X-Varnish: 68287462 68431401
Age: 10407
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/heartland-dental642X385.png

216.152.143.240

200 OK

105 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/heartland-dental642X385.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
105 kB (105276 bytes)
Hash
4b17eee02cf1c348f87cc99e9faccf7c
038539950e2a61aaef8025e5c22c9b478454aa35
1a746f25d06f2b8f01662ef5e6d2b38cefbc7252e6bac2d1252b6b065c2421d0

HTTP Headers

GET /files/2021/08/heartland-dental642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 105276
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:05 GMT
ETag: "ed923566ac9ac40d283d239176a730b6"
Expires: Fri, 21 Nov 2025 23:54:31 GMT
Vary: Accept-Encoding
X-Varnish: 73445865 73004230
Age: 39
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/Yard-House-642X385.png

216.152.143.240

200 OK

116 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/Yard-House-642X385.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
116 kB (115825 bytes)
Hash
906667ca55e1933d00f141b91df8842a
bca4b54f7d423d98cd9bbef9be3845b44a92b8cd
6d39e845e98f3f03fef65860b89c033ac9cb46c499bf04e9b1a2461a110420af

HTTP Headers

GET /files/2021/08/Yard-House-642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 115825
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:39:04 GMT
ETag: "532ebaa663f5cbce17a23419b525f03a"
Expires: Fri, 21 Nov 2025 23:48:03 GMT
Vary: Accept-Encoding
X-Varnish: 61209387 64447801
Age: 426
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/rightcev.png

216.152.143.240

200 OK

182 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/rightcev.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 800 x 533, 8-bit colormap, non-interlaced\012- data
Size
182 kB (181512 bytes)
Hash
54a408a7503181ecb9f1c59fe829d4e5
03a7ffc802057a8186135301d4385f1028d195d4
5c6320e88131f1acd1d3020dcda7058fc3df8cdb870715378952a7b99911a8ca

HTTP Headers

GET /files/2021/08/rightcev.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 181512
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:59:00 GMT
ETag: "7afd0d12b2b735c2c92c42a4ec77cd2b"
Expires: Fri, 21 Nov 2025 20:27:52 GMT
Vary: Accept-Encoding
X-Varnish: 70116173 68596346
Age: 12437
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630

216.152.143.240

200 OK

58 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
58 kB (58206 bytes)
Hash
142d9e9d8d9577418061b2714ade1e59
9fec5f85f6a0d2d08b8fc4ed222e2352e616ccee
3d3d17493567a4a2a2d8497af98ef85e6dedc97c9a2d62742e9ce1b010b6916d

HTTP Headers

GET /files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 58206
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 14:01:23 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 14:01:23 GMT
Vary: Accept-Encoding
X-Varnish: 70116194 70199102
Age: 426
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/photo-6-scaled.jpg?w=1600&a=t

216.152.143.240

200 OK

440 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-6-scaled.jpg?w=1600&a=t
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1500x1125, components 3\012- data
Size
440 kB (440545 bytes)
Hash
9ab33668b61cdbcbaa3ef332c603f896
9d6e20cb5bb3ddf4b7536cf584a9fdf30cb4211f
58abc67ef66ffea7dc2341f6e1b740dcdb3f9d38b8ab4935acff1b553e4e47a0

HTTP Headers

GET /files/2021/08/photo-6-scaled.jpg?w=1600&a=t HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 440545
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 13:04:46 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 13:04:46 GMT
Vary: Accept-Encoding
X-Varnish: 71803712 72909073
Age: 3823
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630

216.152.143.240

200 OK

75 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
75 kB (74821 bytes)
Hash
6d24dbcbceca6403670bbcba5e6a93c6
95472cfee45aa20a4dc28e790ddbf1deca8d496a
580d3f257d6c81d42af0324e1dd67353cd333a5464eed646495c7357057e7426

HTTP Headers

GET /files/2021/08/photo-6-1.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 74821
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 13:34:21 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 13:34:21 GMT
Vary: Accept-Encoding
X-Varnish: 65760158 69359221
Age: 2049
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630

216.152.143.240

200 OK

70 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
70 kB (69783 bytes)
Hash
85218ac3a29d5549169b79dc31a8d431
4bb8a6ef163baa5ae3689cf8e24cbadb65a0f0b8
6f8a63a7d2b2ca47a29c0f55f1ed42cf8441599e43e16319086aabd498f36eab

HTTP Headers

GET /files/2021/08/photo-4-1.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 69783
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 11:14:52 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 11:14:52 GMT
Vary: Accept-Encoding
X-Varnish: 73005406 72131379
Age: 10417
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/19466372_1516307811772997_451783811888021088_o.jpg

216.152.143.240

200 OK

166 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/19466372_1516307811772997_451783811888021088_o.jpg
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, progressive, precision 8, 2048x728, components 3\012- data
Size
166 kB (166017 bytes)
Hash
7adec28d845a0571b818af4b44766454
bbb85ff9515c7592a46e8971c1e176c24ab1d2c8
5963f13a0fc1a118485c1bec965302ce6b6cd7a245ed7d30aafa06af9559a79f

HTTP Headers

GET /files/2021/08/19466372_1516307811772997_451783811888021088_o.jpg HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 166017
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 14:12:54 GMT
ETag: "d2f8968e4f06d613b19f4db5029cf4e6"
Expires: Fri, 21 Nov 2025 20:52:46 GMT
Vary: Accept-Encoding
X-Varnish: 73698995 71711235
Age: 10944
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/photo-20-1.jpg?w=1600&a=t

216.152.143.240

200 OK

403 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-20-1.jpg?w=1600&a=t
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1500x1125, components 3\012- data
Size
403 kB (403434 bytes)
Hash
c240df93704b267b7e4b87c4adf05c03
a98dfbd6c2a97041b68b9609eac7cd30f606ec49
abd0410aa32674a6b62b0608a727099e621d44f04bc5d89e729d1ff84db7c3d0

HTTP Headers

GET /files/2021/08/photo-20-1.jpg?w=1600&a=t HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 403434
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 11:06:35 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 11:06:35 GMT
Vary: Accept-Encoding
X-Varnish: 70116184 68277669
Age: 10914
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/Walgreens642X285.png

216.152.143.240

200 OK

108 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/Walgreens642X285.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
108 kB (108477 bytes)
Hash
47a103ed57a7d665591700e746bec89e
368dd40445452b14f499e9e1f001a7716d1d3f1f
2cb95706eeee3125153d93a4447d4ba6ecdc498ac1ca471ae0c337bef0d8bd9d

HTTP Headers

GET /files/2021/08/Walgreens642X285.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 108477
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:34 GMT
ETag: "9257216b12053974078234b516f7ee95"
Expires: Fri, 21 Nov 2025 23:28:07 GMT
Vary: Accept-Encoding
X-Varnish: 65760177 69830886
Age: 1622
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/clark642X385-1.png

216.152.143.240

200 OK

74 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/clark642X385-1.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
74 kB (74279 bytes)
Hash
7e1b1d258af43ae0c28c50aedab52d9e
c9becefe17eb30b5c197b108747c518868ae4fe6
b68e4b809430eb9cd6ad8168396efd683ee426f986ac5a27c832b0e5dac53bb1

HTTP Headers

GET /files/2021/08/clark642X385-1.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 74279
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:49 GMT
ETag: "8c76ceef6c44fa14e57e436133eccff5"
Expires: Fri, 21 Nov 2025 23:21:23 GMT
Vary: Accept-Encoding
X-Varnish: 70116212 70063215
Age: 2026
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif

216.152.143.240

302 Found

0 B

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://sullivanpaintinginc.com
Vary: Accept-Encoding
X-Varnish: 73005419 73109913
Age: 2836
Via: 1.1 varnish (Varnish/5.2)

sullivanpaintinginc.com/files/2021/08/container642X385-2.png

216.152.143.240

200 OK

90 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/container642X385-2.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
90 kB (90104 bytes)
Hash
7495f836d4b02c725fcaf0b6ced3e097
7fe889b299d9913fb592a5042551ebf69d6469dd
987911300894b928499c9fe309b613058988b001ca15018959ef12f7ff3c6191

HTTP Headers

GET /files/2021/08/container642X385-2.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 90104
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:57 GMT
ETag: "5422b25c2baaf08f8c179a0fa217742b"
Expires: Fri, 21 Nov 2025 22:51:26 GMT
Vary: Accept-Encoding
X-Varnish: 69861360 69592109
Age: 3824
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630&ct=1

216.152.143.240

200 OK

86 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630&ct=1
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
86 kB (85883 bytes)
Hash
2b9604bb4b6615251d5955dd61211ac3
1a97e25f5a7a4703d44a7591535893226220c953
c67877150284b77e762c1ff3c591a1b8f2af9ef01f38ddfc15bbdadac361a094

HTTP Headers

GET /files/2021/08/photo-12.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 85883
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 10:23:34 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 10:23:34 GMT
Vary: Accept-Encoding
X-Varnish: 65760179 68119785
Age: 13496
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630&ct=1

216.152.143.240

200 OK

58 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630&ct=1
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
58 kB (58206 bytes)
Hash
142d9e9d8d9577418061b2714ade1e59
9fec5f85f6a0d2d08b8fc4ed222e2352e616ccee
3d3d17493567a4a2a2d8497af98ef85e6dedc97c9a2d62742e9ce1b010b6916d

HTTP Headers

GET /files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 58206
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 10:41:12 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 10:41:12 GMT
Vary: Accept-Encoding
X-Varnish: 69811702 68209066
Age: 12438
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630&ct=1

216.152.143.240

200 OK

70 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630&ct=1
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
70 kB (69783 bytes)
Hash
85218ac3a29d5549169b79dc31a8d431
4bb8a6ef163baa5ae3689cf8e24cbadb65a0f0b8
6f8a63a7d2b2ca47a29c0f55f1ed42cf8441599e43e16319086aabd498f36eab

HTTP Headers

GET /files/2021/08/photo-4-1.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 69783
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 10:41:12 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 10:41:12 GMT
Vary: Accept-Encoding
X-Varnish: 70192758 68582010
Age: 12438
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630&ct=1

216.152.143.240

200 OK

75 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630&ct=1
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
75 kB (74821 bytes)
Hash
6d24dbcbceca6403670bbcba5e6a93c6
95472cfee45aa20a4dc28e790ddbf1deca8d496a
580d3f257d6c81d42af0324e1dd67353cd333a5464eed646495c7357057e7426

HTTP Headers

GET /files/2021/08/photo-6-1.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/jpeg
Content-Length: 74821
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 13:21:14 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 13:21:14 GMT
Vary: Accept-Encoding
X-Varnish: 69841448 69376958
Age: 2836
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/leftcev.png

216.152.143.240

200 OK

50 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/leftcev.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 601 x 351, 8-bit colormap, non-interlaced\012- data
Size
50 kB (50493 bytes)
Hash
cd70395d31ef8ab4cbdc7c36ff756769
3975cb835f44b616af84477f40de8bb734447c40
1ec7acfb8cafb1680154f0a73c5b9949eef4978eed69f6f9f21ec3fe91e483ce

HTTP Headers

GET /files/2021/08/leftcev.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 50493
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:59:00 GMT
ETag: "7afd0d12b2b735c2c92c42a4ec77cd2b"
Expires: Fri, 21 Nov 2025 23:55:10 GMT
Vary: Accept-Encoding
X-Varnish: 70294243
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/

216.152.143.240

200 OK

7.8 kB

URL HTTP/1.1
sullivanpaintinginc.com/
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1108), with CRLF, LF line terminators
Size
7.8 kB (7822 bytes)
Hash
f9cedec3650a1c6404cb1296bd86434e
f465e66cfcb8252d73da229cd56e322b43ab8f74
7ecad5d64bb70ca82e97e749d000586cd2c6927ec59fb7843a72609eedc96fbb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7822
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 61209399 70000767
Age: 115
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/leftcev.png?w=720&h=NaN&ct=1

216.152.143.240

200 OK

364 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/leftcev.png?w=720&h=NaN&ct=1
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 720 x 420, 8-bit/color RGBA, non-interlaced\012- data
Size
364 kB (363860 bytes)
Hash
7c0c58c19a31d93e6dc4384d53bd6388
cfce4a9c71536775974c3d473a5c998cb3eaec5c
9a356ee5800cc5ce323e99f784c39057cfc5444d2f9c9aa53e62d79b353da49b

HTTP Headers

GET /files/2021/08/leftcev.png?w=720&h=NaN&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/png
Content-Length: 363860
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 11:15:03 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 11:15:03 GMT
Vary: Accept-Encoding
X-Varnish: 68287506 68431414
Age: 10407
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/cms_websites/img/tsm-favicon.ico

216.152.143.240

200 OK

32 kB

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/img/tsm-favicon.ico
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
32 kB (32038 bytes)
Hash
c7f1c4f34424d5247f9a2a24f3e2372c
247102bcd8a2a36f1dfa16a652002ade82ffa1b0
ed829bc8a78f82c88e5d0bcfb368a9f714b6c758b0354b057f9e083dfa4ddd6b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cms_websites/img/tsm-favicon.ico HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:30 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 32038
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 19:18:17 GMT
ETag: "7d26-59379a1c44599"
Vary: Accept-Encoding
X-Varnish: 73445912 72969800
Age: 434
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/bkgs/ajax-loader.gif

216.152.143.240

302 Found

0 B

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/bkgs/ajax-loader.gif
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cms_websites/css/dist/beacon-theme_charlotte/bkgs/ajax-loader.gif HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Cookie: __utma=107688448.797441652.1663769311.1663769311.1663769311.1; __utmb=107688448.2.10.1663769311; __utmc=107688448; __utmz=107688448.1663769311.1.1.utmcsr=EmailMarketing|utmccn=Merge%203%20(1st%20email)|utmcmd=email; __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 21 Sep 2022 14:08:31 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://sullivanpaintinginc.com
Vary: Accept-Encoding
X-Varnish: 73058043 72008431
Age: 10914
Via: 1.1 varnish (Varnish/5.2)

sullivanpaintinginc.com/

216.152.143.240

200 OK

7.8 kB

URL HTTP/1.1
sullivanpaintinginc.com/
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1108), with CRLF, LF line terminators
Size
7.8 kB (7822 bytes)
Hash
f9cedec3650a1c6404cb1296bd86434e
f465e66cfcb8252d73da229cd56e322b43ab8f74
7ecad5d64bb70ca82e97e749d000586cd2c6927ec59fb7843a72609eedc96fbb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Connection: keep-alive
Cookie: __utma=107688448.797441652.1663769311.1663769311.1663769311.1; __utmb=107688448.2.10.1663769311; __utmc=107688448; __utmz=107688448.1663769311.1.1.utmcsr=EmailMarketing|utmccn=Merge%203%20(1st%20email)|utmcmd=email; __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:31 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7822
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 69793622 62604928
Age: 114
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1002d7b2-c264-4e0d-a7db-a4c5299eda73.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4296 bytes)
Hash
c523ffabe9e2288c7e6951ba0bc4c5d1
0d93de1e5f6a5c64116accbd61d003c349664483
b509944b3e30e23d3983a52e30ce228c29a0d821720794555863f97286d8c70c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1002d7b2-c264-4e0d-a7db-a4c5299eda73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4296
x-amzn-requestid: c85bf15a-42ec-48d0-a8c6-72be1c66f0af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7VTGWMoAMF3fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257288-0396631418a153b5719363f6;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:08:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GpNFRpRcL5wLzPbd0GwW7BWYBDH9q-tEuECtoxDAD4RJmphpia8S5g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:41:42 GMT
age: 55614
etag: "0d93de1e5f6a5c64116accbd61d003c349664483"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sullivanpaintinginc.com/cms_websites/js/external/scripts.js

216.152.143.240

200 OK

0 B

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/js/external/scripts.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cms_websites/js/external/scripts.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=Merge+3+(1st+email)
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 14:08:29 GMT
Content-Type: application/javascript
Content-Length: 120679
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:48 GMT
ETag: "634a9-5c189ea477bf3-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 69793556 69963887
Age: 2865
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Source+Sans+Pro%3A400%2C700&ver=248_11 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 14:08:29 GMT
date: Wed, 21 Sep 2022 14:08:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations