Report - 105344.io.directiq12.com/hit?sid=32de3oh2z3eqds750x&linkid=0&link=0bde4e26c0594832b64d000d7f85d4a5

Report Overview

Submitted URL
105344.io.directiq12.com/hit?sid=32de3oh2z3eqds750x&linkid=0&link=0bde4e26c0594832b64d000d7f85d4a5
IP
54.205.211.131
ASN
#14618 AMAZON-AES
Submitted
2022-09-21 18:31:56
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	54.230.245.118
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
www.sullivanpaintinginc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	875 B	216.152.143.240
secure.adnxs.com	396	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	6.5 kB	37.252.172.250
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	995 B	51 kB	142.250.74.163
ssl.google-analytics.com	275	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	19 kB	216.58.207.200
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	88 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	1.8 kB	142.250.74.10
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
105344.io.directiq12.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	501 B	276 B	54.157.101.61
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.238.202.79
sullivanpaintinginc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	27 kB	4.0 MB	216.152.143.240
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	7.7 kB	142.250.74.3
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	437 B	8.4 kB	142.250.74.106
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	38 kB	142.250.74.72

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-21	medium	sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1	Phishing
2022-09-21	medium	sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js	Phishing
2022-09-21	medium	sullivanpaintinginc.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js	Phishing
2022-09-21	medium	sullivanpaintinginc.com/cms_websites/cms_custom_css.php?ver=248_11	Phishing
2022-09-21	medium	sullivanpaintinginc.com/cms_websites/cms_theme_custom_css.php?ver=248_11	Phishing
2022-09-21	medium	sullivanpaintinginc.com/cms_websites/tools/GAEventTracking/js/scripts.min.js	Phishing
2022-09-21	medium	sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js	Phishing
2022-09-21	medium	sullivanpaintinginc.com/cms_websites/js/external/scripts.js	Phishing
2022-09-21	medium	sullivanpaintinginc.com/	Phishing
2022-09-21	medium	sullivanpaintinginc.com/cms_websites/img/tsm-favicon.ico	Phishing
2022-09-21	medium	sullivanpaintinginc.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files detected

URL
sullivanpaintinginc.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif
IP
216.152.143.240
ASN
#13768 COGECO-PEER1

File type
gzip compressed data, max compression\012- data
Size
2.1 kB (2063 bytes)
Hash
6e380fc33ba72dc28290d5058ccb88ef
90e6e9869611d588f66f95ef21d94cb71ebb4c6a
dea5573b021878789c4f4f6fe4a69977f1fb1d48fe57485f2b68a4e78237167b

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (20)

	URL	Size	First Seen	Last Seen
	sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js	1.2 MB	2023-03-07	2024-04-22
Pretty URL sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-22 06:49:03 Times Seen182 Hash 1011064a70f679eaaef8d6988d6cc493 5198abb91179ff6171ec60e54366138a06e7068f 2b36622b2d03598b27c0c17e5f50ef427810dbf17117b305dc57fbd97729b8fb Loading...

	secure.adnxs.com/px?id=1510158&t=1	0 B	2023-03-07	2024-04-25
Pretty URL secure.adnxs.com/px?id=1510158&t=1 IP 37.252.172.250 ASN #29990 ASN-APPNEX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 02:04:20 Times Seen37052671 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign	891 B	2023-03-07	2023-03-07
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:42:43 Last Seen2023-03-07 22:42:43 Times Seen1 Hash 9d9f1cfb19fa307034f67a5b3e24922b 004086070f75f1896763f3351ed787406644f6c4 c02fb9e31ee6e7cf7c2f57fcc796450bd8856ceb695bd8eb1da7b0aca40f3959 Loading...

	ssl.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL ssl.google-analytics.com/ga.js IP 216.58.207.200 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign	261 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash 9f0001191ca50aa4c7b0d429e6f980f8 092fc358e5952aede1ae39f24744e10ffa81ead1 cad240043ab803d947d3f5ea13a29bcac2867af2bb036b4711047881fc938bb7 Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign	263 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash b2bbd34b77eebd6f40a769216503882d e1d37d592784bf6cfb71e762a297e7114b4067f2 71b2fc6ecdd92a8acd8a3fadd7e533a0d36e30f163cf18b5223912840450ab0a Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign	263 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash 45664c7a985772bd17a9046c95afd66b 0257939ec8d25b72e3b7dfcedcf122d525958826 60f0ff0c3382b39cb6987fd04897a0602b815eeba4dc8c6987c97a2e39ac7b20 Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign	265 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash 4e2951b0dc01ad6edd734f4cc3194479 f0c7bcd78164f698004c66d2a4fff605ac2d4ff9 531a1cb7803c87366150c227ec711f62e6ac876947a42f81c44809e27b9851eb Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign	109 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash e56710597cef5225bdf3ef31c94569aa d3b4cca529aab07699b3ad27887aa7ce4d4aa3bd 2c7088fa1eaccb9399b163ae606b28d17ef5dff8e3d596ad67b0a49e9344162f Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign	1.1 kB	2023-03-07	2024-01-04
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-04 13:47:19 Times Seen11 Hash be124bf710c176bc7dd8b62e6fd800e1 dd0cdb7937fd85443df8534151d62be9585602cc e15fd73fb64288c82b018aa822331e6cfde3506f7051e314f9999f4f0d1f9bf6 Loading...

	sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js	98 kB	2023-03-07	2023-03-08
Pretty URL sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-08 06:45:14 Times Seen1 Hash d8973c54076e6d031f72fe15b6b43f69 f080d8bdc42a3a08e7145237eade58cf5f069633 6d8cbebbfced3ffd968a2d4c860fefa0e316f4d84bf124ec1e31f44e6c3b670e Loading...

	sullivanpaintinginc.com/wp-includes/js/underscore.min.js?ver=1.8.3	16 kB	2023-03-07	2024-04-22
Pretty URL sullivanpaintinginc.com/wp-includes/js/underscore.min.js?ver=1.8.3 IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:25 Last Seen2024-04-22 17:35:36 Times Seen1233 Hash 6a3a434a1360cc744341e97de9177bc6 d110825c3252a677ce8b6fd81cd2eda0201e4e1b 4f5b2528815d8b1cd9b68b1a4bb1fe689696f8dcbc2c4a5104343b886ee68828 Loading...

	sullivanpaintinginc.com/cms_websites/js/external/scripts.js	407 kB	2023-03-07	2023-03-14
Pretty URL sullivanpaintinginc.com/cms_websites/js/external/scripts.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-14 06:47:02 Times Seen1 Hash 4a577c9981aa1b4382753aad507b39c6 88544dd831c5b7d15c9864813bfa85b90538afe3 f6e0a49a81916892daf64a97d9ccc1230323161ed2b6b1815eb174e4fe2d6c78 Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign	341 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash fa03b876dbbdaf962f567095ce032801 ad8c4326fe1a1f53b87055d66732014a4ed6f199 3ced874adf1ce93d3dc6c5173296b379fbc7955598c4a20162f687778038b3f8 Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign	159 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash ced9ca672a04f20634cd719a3a2d90ed aee7348f881a84ad3c41ba5707b5b2d815b247eb 03a36cf94dfbcaa46387127dd4a76a0514cba1483fc589dee617848596e27cf0 Loading...

	sullivanpaintinginc.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js	1.2 kB	2023-03-07	2024-01-31
Pretty URL sullivanpaintinginc.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-31 16:23:41 Times Seen37 Hash 02e2d3983e38c9bce62b5a450d8ef056 075d832d09eb6ec64df1205e5a23644c9657450c e45a2dc0c3d0072db0ad96e13e64a8ebabf7f36cd0cec49932117a6c2998931b Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign	74 B	2023-03-07	2024-01-05
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-05 14:28:13 Times Seen13 Hash 0ca1d59c845951c81df3723cf6e06509 77d9dd33d3dc07adc4608a84eccb29c836e0ec15 f298881955505374d260f5586d86a2ac4db77f061b0bf2ddadde8c7ce3dd9b41 Loading...

	sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign	714 B	2023-03-07	2023-03-26
Pretty URL sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2023-03-26 08:44:47 Times Seen2 Hash be071629c0b0948d8547ba0f2fcad121 1de11621251fa3a410581aed3b4afc686fa774c6 eabde0fae5d8088af24b2ad5b184c4228ccbefc0779969f42bcf30323587f128 Loading...

	sullivanpaintinginc.com/cms_websites/tools/GAEventTracking/js/scripts.min.js	1.0 kB	2023-03-07	2024-01-31
Pretty URL sullivanpaintinginc.com/cms_websites/tools/GAEventTracking/js/scripts.min.js IP 216.152.143.240 ASN #13768 COGECO-PEER1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:32 Last Seen2024-01-31 16:23:41 Times Seen37 Hash 880a1ec15331350293dc0001fddbdd05 8287010cbfd5bfa9d20b71c6320f91c0a73f0275 193eafafb10fe21b2fa8251fd5734649c077f9d19fa217fb19967189c96094ec Loading...

	www.googletagmanager.com/gtm.js?id=GTM-N77HQ5X	97 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-N77HQ5X IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:42:43 Last Seen2023-03-07 22:42:43 Times Seen1 Hash e8ef20329f2571b066afac74137546ea e904927b1f14f79d61df3a76fd514f28f3296bc8 c4c7b7bf35870c59c4e813ccc4739ffc888c625db8c9f3c98bc4d2881acc1bab Loading...

HTTP Transactions (95)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 18:13:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kCqusj-UsCmjK6kl5g02iPmd9j2u_kCTiNJvTa_4x1i-w_Q7cvJIOA==
Age: 1086

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5333
Expires: Wed, 21 Sep 2022 20:00:38 GMT
Date: Wed, 21 Sep 2022 18:31:45 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jjxfvn1qfjRSLUFrsloh2Llw40mmGj5F0GrY2O0IsWHvt8nZCDsYSw==
age: 50192
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 18:31:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e1a5f4466e9cd1c5e0b93b1b26a07966
af5a8af6b29287dd12604ed02917f0af90226124
9e41876ca054149584bff65d15f135d953cbf043500e131d1c2f66f2534f51d5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 18:31:45 GMT
Last-Modified: Wed, 21 Sep 2022 18:04:55 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Szn9xmZCgcK-ZjvqgfkRKl2zTBYPIh0XrrakFNKA_jZn0cznPtn_Qw==
Age: 1610

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 18:03:22 GMT
Expires: Wed, 21 Sep 2022 18:51:36 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 33CF3a-LNwDsJ0AooBwGCuCnzE09L9QSk1YVT9soQgM0BSS3wz1O2A==
Age: 1703

105344.io.directiq12.com/hit?sid=32de3oh2z3eqds750x&linkid=0&link=0bde4e26c0594832b64d000d7f85d4a5

54.157.101.61

302 Found

0 B

URL HTTP/2
105344.io.directiq12.com/hit?sid=32de3oh2z3eqds750x&linkid=0&link=0bde4e26c0594832b64d000d7f85d4a5
IP
54.157.101.61:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /hit?sid=32de3oh2z3eqds750x&linkid=0&link=0bde4e26c0594832b64d000d7f85d4a5 HTTP/1.1
Host: 105344.io.directiq12.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 21 Sep 2022 18:31:45 GMT
content-length: 0
location: http://www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
apigw-requestid: Y0rGyhphoAMESdg=
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1978
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:45 GMT
Last-Modified: Wed, 21 Sep 2022 17:58:47 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign

216.152.143.240

301 Moved Permanently

178 B

URL HTTP/1.1
www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign HTTP/1.1
Host: www.sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 21 Sep 2022 18:31:46 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign

push.services.mozilla.com/

44.238.202.79

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.238.202.79:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /PvQ34JeO6kVNKl76ETUvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jjojz5FXY7Qx+xCtAE39j4pSe28=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7d46f8de768a875577f99041641daec7
8b640ff702b62cc8bf5617a40766301091603417
15e69d785afb803e571e54fde6e3239034bf90ee12bc7d93719e9c9dabb45cf5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15E69D785AFB803E571E54FDE6E3239034BF90EE12BC7D93719E9C9DABB45CF5"
Last-Modified: Tue, 20 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5762
Expires: Wed, 21 Sep 2022 20:07:48 GMT
Date: Wed, 21 Sep 2022 18:31:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8962
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 18:31:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8962
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 18:31:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8962
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 18:31:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11832 bytes)
Hash
2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gLh2EBTPdXvFtZuYKH1NVZebvnz4Rhs-f_rZPtfJpIWNemEk0upeOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:07:08 GMT
age: 73478
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9201 bytes)
Hash
a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:14:57 GMT
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
age: 73009
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12048 bytes)
Hash
c2db94039cb675cb250519fe57b2b3c9
37222a70df5d9a69073b4b32ebc3a5da60006001
444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12048
x-amzn-requestid: 59e98571-f927-44b3-b088-29ec1e4cc3bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYxD-FnIIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202ee6-14e47d9a3ae47d0f607033a8;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:19:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 55e0txtcytlUpcNWSLrHWN3FC1t4dMHGTrHGhNV7YFIhOz6c45UcCQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 12:43:54 GMT
age: 20872
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10244 bytes)
Hash
14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e3MMA-NVstIsR7M9_JGH05i1e8pK17RsjyERrSMlC3uoHsWw_7ABtA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 19:18:32 GMT
age: 83594
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10038 bytes)
Hash
dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NzOpixfxr2pFiDhF5WUGmjD8r2CTn1grSkCEyWvthxRq0djbDKjknA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:15:05 GMT
age: 73001
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12654 bytes)
Hash
f7b780d39877eea116277625aaa01f1b
d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db
ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nSWUmBqJPIBYNoLtyrfAN7CK4367b6TEku9eki8BGJVdTWW3dSyckw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 06:45:55 GMT
age: 42351
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign

216.152.143.240

301 Moved Permanently

0 B

URL HTTP/1.1
www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign HTTP/1.1
Host: www.sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 21 Sep 2022 18:31:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Vary: Accept-Encoding
X-Varnish: 73024585
Age: 0
Via: 1.1 varnish (Varnish/5.2)

sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign

216.152.143.240

200 OK

7.9 kB

URL HTTP/1.1
sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1108), with CRLF, LF line terminators
Size
7.9 kB (7945 bytes)
Hash
ca713f98711b26296e97d2f72ba5088a
3c48cab443eeeb7275035353c6f04f59eec8c842
87404d3da96c853a235c83598b4580cc9823b550f3748e0ec0f183a18567820b

HTTP Headers

GET /?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7945
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 73197130 73186346
Age: 1164
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11

142.250.74.106

200 OK

7.3 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (28290)
Size
7.3 kB (7320 bytes)
Hash
29cec33e497be5e450f9703d98efca3b
4bcb24406115ca93d35ba145b78234b6f5e5d135
287e9a460040e8d091b9eb5381be54956185f293a41cadf7586ad05eaf23a012

HTTP Headers

GET /ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 06:39:09 GMT
expires: Sun, 17 Sep 2023 06:39:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 388358
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

secure.adnxs.com/seg?add=27369987&t=1

37.252.172.250

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/seg?add=27369987&t=1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /seg?add=27369987&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
AN-X-Request-Uuid: 752fc053-f755-492d-a579-f519a38188b7
Set-Cookie: uuid2=8727575681543120562; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 18:31:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

secure.adnxs.com/px?id=1510158&t=1

37.252.172.250

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/px?id=1510158&t=1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px?id=1510158&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
AN-X-Request-Uuid: 6857e14b-e290-437d-a74a-5709587bae50
Set-Cookie: uuid2=4114107305353922303; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 18:31:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1

37.252.172.250

200 OK

0 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fseg%3Fadd%3D27369987%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 2353133f-3716-409c-a714-02cc32cba150
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVSiF0/-!]tbP6j2F-XstGt!@DgW$p1kt; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 18:31:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1

37.252.172.250

200 OK

0 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fpx%3Fid%3D1510158%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: affa806e-b606-409c-a7bf-93be0820b7b0
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11

142.250.74.10

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1094 bytes)
Hash
6ec234fb6044f368cc2c8e0a29ad66e9
dc5dacf4412c9d96d8184d8ab8e0cddaffd33296
da2bff81406947ec634fcf3ecf12329548c51bd726b170a5c56452a7e5d937c6

HTTP Headers

GET /css?family=Source+Sans+Pro%3A400%2C700&ver=248_11 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 18:31:47 GMT
date: Wed, 21 Sep 2022 18:31:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1

216.152.143.240

200 OK

56 kB

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (728)
Size
56 kB (56238 bytes)
Hash
96e5755dcdc8411f20309eba06090553
673daa8b541f7a365cdf0cd81b6dfbca82e4801b
660487676b070f91f351c10f6f9d76a3273f3d30cab85aa700ad1516cf094b3b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: text/css
Content-Length: 56238
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:43 GMT
ETag: "865b5-5e8acea238e87-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 72930533 72439660
Age: 555
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js

216.152.143.240

200 OK

24 kB

URL HTTP/1.1
sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (31984)
Size
24 kB (24449 bytes)
Hash
df8cb58860540fe37f48ebdd01d4f7e2
7abdbe3fd4184ea1230dd6f35391778a0a79be88
a5e0db722a02983ddd7c0687cad6b966d7f5f842b80a4c510b390cc6441ee231

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript
Content-Length: 24449
Connection: keep-alive
Last-Modified: Thu, 14 Apr 2022 01:14:55 GMT
ETag: "17d03-5dc9305909e30-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 73197179 71107808
Age: 13255
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js

216.152.143.240

200 OK

465 B

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (1164), with no line terminators
Size
465 B (465 bytes)
Hash
ae9e1ea6af46bf62a7469101eb4a8f55
e94958da3bfd259c99019190f6c4e449e0c16aee
bbf28048044a88f7b3f682c682dea0b058d7ff7e98daf046f6f161517e97fafa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript
Content-Length: 465
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:35 GMT
ETag: "48c-5d727b353ed35-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 8091920 55231115
Age: 13384
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/cms_websites/cms_custom_css.php?ver=248_11

216.152.143.240

200 OK

3.4 kB

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/cms_custom_css.php?ver=248_11
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (443)
Size
3.4 kB (3430 bytes)
Hash
af6cfac463e458f4a779100b8e44351f
fc843a22eb110fdf842ece1c4dbb6e72ffe97109
fcdd8b1b5ee1be506bb0ca1380592c8dba860ee68dc05ea3ea8de3ab718ddf89

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cms_websites/cms_custom_css.php?ver=248_11 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 3430
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 53113545 54001128
Age: 1289
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/cms_websites/cms_theme_custom_css.php?ver=248_11

216.152.143.240

200 OK

8.4 kB

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/cms_theme_custom_css.php?ver=248_11
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (483)
Size
8.4 kB (8440 bytes)
Hash
2c4b91c9eee090790f2f9500b21960a3
ff3020cfcff7cdf54983ea1365ce111f8822544f
336027df12f5b20aa1dad52a50300aa5319baf5c69b4d0860b443343e0bf5116

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cms_websites/cms_theme_custom_css.php?ver=248_11 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 8440
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 77022651 76505437
Age: 1102
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/wp-includes/js/underscore.min.js?ver=1.8.3

216.152.143.240

200 OK

5.8 kB

URL HTTP/1.1
sullivanpaintinginc.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (16194)
Size
5.8 kB (5822 bytes)
Hash
0de80519eb796dc06fa34efcf454c797
1274f536f1c2c51ad2b0c0f121da21cc43854ea5
059bc818c4f66d482fcd7a623fde7a0c66d9767f49a0fca0eed2fb4a6ccfdbf6

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript
Content-Length: 5822
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 18:16:47 GMT
ETag: "401a-59378c5d12306-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 73197190 71306672
Age: 12440
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/cms_websites/tools/GAEventTracking/js/scripts.min.js

216.152.143.240

200 OK

517 B

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/tools/GAEventTracking/js/scripts.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (1015), with no line terminators
Size
517 B (517 bytes)
Hash
09a9e3bc0d18d851d1276481ed543c9e
87f953897b9f07e27e0b080a4320a9b78fc80167
9293803448e5928f3b09835cf60749954d6f5e303f176e63b988dc0079a744bb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cms_websites/tools/GAEventTracking/js/scripts.min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript
Content-Length: 517
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:41 GMT
ETag: "3f7-5d727b3a6c8f4-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 61920081 58618043
Age: 11717
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js

216.152.143.240

200 OK

433 kB

URL HTTP/1.1
sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (65350)
Size
433 kB (432702 bytes)
Hash
aa24aa3a0a9984210198ac91297db647
2108d2f01c37149228877a9672d866c08f5daee6
ce55bf8849d63b8767c7fd032fb9277ffec0bb103ca26ad3b66b330208f3855f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript
Content-Length: 432702
Connection: keep-alive
Last-Modified: Fri, 12 Jun 2020 00:07:26 GMT
ETag: "11e248-5a7d7dcb4d5ff-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 72187758 73370552
Age: 1283
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/cms_websites/js/external/scripts.js

216.152.143.240

200 OK

121 kB

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/js/external/scripts.js
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
ASCII text, with very long lines (32077)
Size
121 kB (120679 bytes)
Hash
2b2400ce27b4d1d8ceca82bed3e8bad2
2ebaca6538cccffd5a042f53e46a18b2133acb9a
bd364f13dac56e31208849b685194592c91631fa41a8c396c5346417fccc47e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cms_websites/js/external/scripts.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript
Content-Length: 120679
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:48 GMT
ETag: "634a9-5c189ea477bf3-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 8091922 72115716
Age: 3874
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/tj642X385.png

216.152.143.240

200 OK

61 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/tj642X385.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
61 kB (60559 bytes)
Hash
1c489c000b428df8a63bdd7b17dc3bc0
40604409cd93ca8f2953db7a202cdc551ebd9aa3
26c814d49311c2495b5d119e29961e8d3bed2d7a72d600d044c44e5c72412ad8

HTTP Headers

GET /files/2021/08/tj642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/png
Content-Length: 60559
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:18 GMT
ETag: "32f0295df92561381f0fe57a28a4c740"
Expires: Sat, 22 Nov 2025 03:29:10 GMT
Vary: Accept-Encoding
X-Varnish: 73703183 51375025
Age: 2957
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/New_Walmart_Logo.svg-e1519222902338.jpg

216.152.143.240

200 OK

14 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/New_Walmart_Logo.svg-e1519222902338.jpg
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 642x385, components 3\012- data
Size
14 kB (13877 bytes)
Hash
010c225c2d030c6226f2c7c073291a8d
3dc3de7db6ff28898f3d3cbc1b5382276a088ef1
e449cfdfc4eff75f385d48738f7bd306d4dab821b17cd3f3cb6db363a50dc796

HTTP Headers

GET /files/2021/08/New_Walmart_Logo.svg-e1519222902338.jpg HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/jpeg
Content-Length: 13877
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:57 GMT
ETag: "a3f60a53cc10fcc69329bb02c2dbb3a5"
Expires: Sat, 22 Nov 2025 03:08:27 GMT
Vary: Accept-Encoding
X-Varnish: 76884641 56292525
Age: 4200
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sullivanpaintinginc.com/files/2021/08/La-Fitness.png

216.152.143.240

200 OK

40 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/La-Fitness.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
40 kB (39453 bytes)
Hash
8a4218de366f5961ed9ecdce63d21c5f
83edba3651484b8da1a78727bcb7fac790fb274f
b580fb3909ffa90604d4256aaf73be4e9dc1c8d6903c43f7c879d1267719f009

HTTP Headers

GET /files/2021/08/La-Fitness.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/png
Content-Length: 39453
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:36 GMT
ETag: "65f838cec5daa4e0a380884694157f29"
Expires: Sat, 22 Nov 2025 04:10:47 GMT
Vary: Accept-Encoding
X-Varnish: 73290309 73191896
Age: 460
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/verizon642X385.png

216.152.143.240

200 OK

33 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/verizon642X385.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
33 kB (33334 bytes)
Hash
f8e51ebe06db6f46f5ffe3cc4abd3b41
ae3a580d9969911203f51b98af7332970efd1645
b5364a9235112633f66b79754fd081057624a4a9a52ea099303ff0ad2e97a2f9

HTTP Headers

GET /files/2021/08/verizon642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/png
Content-Length: 33334
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:49 GMT
ETag: "4257cb474a9860d345de497f4a232a27"
Expires: Sat, 22 Nov 2025 00:52:57 GMT
Vary: Accept-Encoding
X-Varnish: 70840435 55208479
Age: 12330
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/Circle-K.png

216.152.143.240

200 OK

36 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/Circle-K.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
36 kB (35784 bytes)
Hash
ee59b35401f61a67a1ee4772a2463a24
0a52dbc3c65d70507cc03e1eef31509dcbdde60b
1667de01b6ead446b5fc0db7ffb54cf042308c098819524f159091df2482553c

HTTP Headers

GET /files/2021/08/Circle-K.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/png
Content-Length: 35784
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:42 GMT
ETag: "8d83e9fd94609f19ad93162380c80054"
Expires: Sat, 22 Nov 2025 03:50:44 GMT
Vary: Accept-Encoding
X-Varnish: 76925655 76119351
Age: 1663
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

www.googletagmanager.com/gtm.js?id=GTM-N77HQ5X

142.250.74.72

200 OK

38 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-N77HQ5X
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2082)
Size
38 kB (37767 bytes)
Hash
2c1f5513d6f78fca9ef2f8702f7d789b
070c005cef18dce990bed943e75ae34a0d22f47d
5cf6c8e96c0a2dc7c0d9c477937050d09ca18d1038b756edd94b8205d7efaa5c

HTTP Headers

GET /gtm.js?id=GTM-N77HQ5X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 18:31:48 GMT
expires: Wed, 21 Sep 2022 18:31:48 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37767
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

142.250.74.163

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Size
18 kB (17908 bytes)
Hash
e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

HTTP Headers

GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sullivanpaintinginc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:38:37 GMT
expires: Tue, 19 Sep 2023 21:38:37 GMT
cache-control: public, max-age=31536000
age: 161591
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.163

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sullivanpaintinginc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:40:18 GMT
expires: Fri, 15 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 525090
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sullivanpaintinginc.com/files/2021/08/cbre642X385-01.png

216.152.143.240

200 OK

70 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/cbre642X385-01.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
70 kB (69950 bytes)
Hash
266a961fdc43c8e249dcdd300abeaa20
003ca4e7fd5519a29f2a1bb8f5be4c7d4b965528
43aaf15c95d81e59cf998e26d7c5876b65938cc2d96e014bb2d47b87fa558b03

HTTP Headers

GET /files/2021/08/cbre642X385-01.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/png
Content-Length: 69950
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:29 GMT
ETag: "b18c1d3bddf6843faa2d46f2a7b75d50"
Expires: Sat, 22 Nov 2025 03:31:46 GMT
Vary: Accept-Encoding
X-Varnish: 76884639 76616367
Age: 2801
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/marriott642X385.png

216.152.143.240

200 OK

87 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/marriott642X385.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
87 kB (86901 bytes)
Hash
a28a41b221c3d4848b1363167650a564
967bdeba91dd04c898e934e8000de3821811863a
e1c3e218cae1056e8841236bfd0039e0ecae4605beb13b651d9c1ea481d24fb6

HTTP Headers

GET /files/2021/08/marriott642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/png
Content-Length: 86901
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:11 GMT
ETag: "199a03903326686b02b329fa48f80b78"
Expires: Sat, 22 Nov 2025 01:03:10 GMT
Vary: Accept-Encoding
X-Varnish: 73667191 65726275
Age: 11717
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/Walgreens642X285.png

216.152.143.240

200 OK

108 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/Walgreens642X285.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
108 kB (108477 bytes)
Hash
47a103ed57a7d665591700e746bec89e
368dd40445452b14f499e9e1f001a7716d1d3f1f
2cb95706eeee3125153d93a4447d4ba6ecdc498ac1ca471ae0c337bef0d8bd9d

HTTP Headers

GET /files/2021/08/Walgreens642X285.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 108477
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:34 GMT
ETag: "9257216b12053974078234b516f7ee95"
Expires: Sat, 22 Nov 2025 00:35:22 GMT
Vary: Accept-Encoding
X-Varnish: 77171780 58504664
Age: 13385
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048

216.152.143.240

200 OK

16 kB

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, tsi-cms \012- data
Size
16 kB (16112 bytes)
Hash
d7e0105a1d89d3a302e09d50c6d808c9
34eb40751fb3f70ffbae2f4270eb73b54349d982
cab4658b86b05ecfabd81a7f07837ff0d3a38cad66972bc583b7c3b1e1eb00ad

HTTP Headers

GET /cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: application/font-sfnt
Content-Length: 16112
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:45 GMT
ETag: "3ef0-5e8acea36f0e7"
Vary: Accept-Encoding
X-Varnish: 76993342 76839140
Age: 382
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sullivanpaintinginc.com/files/2021/08/ph642X385.png

216.152.143.240

200 OK

147 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/ph642X385.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
147 kB (146961 bytes)
Hash
7ea8d1d877680ab303f0e39b8a2bf72a
b24e15bf90f81a8842c3af9df9c5506804f17a95
469a12770a5756186a08eab34917369264c3d2a45c7c26aa6904c9e7f7f4a22c

HTTP Headers

GET /files/2021/08/ph642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/png
Content-Length: 146961
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:24 GMT
ETag: "90793a01df7212c5ed393de4c9f03a7b"
Expires: Sat, 22 Nov 2025 03:57:12 GMT
Vary: Accept-Encoding
X-Varnish: 73304328 72756897
Age: 1275
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif

216.152.143.240

200 OK

2.1 kB

URL HTTP/1.1
sullivanpaintinginc.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
gzip compressed data, max compression\012- data
Size
2.1 kB (2063 bytes)
Hash
6e380fc33ba72dc28290d5058ccb88ef
90e6e9869611d588f66f95ef21d94cb71ebb4c6a
dea5573b021878789c4f4f6fe4a69977f1fb1d48fe57485f2b68a4e78237167b

HTTP Headers

GET /wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/cms_theme_custom_css.php?ver=248_11
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/gif
Content-Length: 1097
Connection: keep-alive
Last-Modified: Fri, 11 Oct 2013 16:05:10 GMT
ETag: "449-4e87948635980"
Vary: Accept-Encoding
X-Varnish: 76925689 76848367
Age: 1584
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/carhartt642X385-2.png

216.152.143.240

200 OK

70 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/carhartt642X385-2.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
70 kB (70107 bytes)
Hash
e366800160d4fbe1bf6a5ceff50002c2
6552a3fde6730f8fa9e24e1f491fc13b238eb96d
c1674d2fb5bcf644137ece81931800c5f6a19142f040247f0c0711e908580e18

HTTP Headers

GET /files/2021/08/carhartt642X385-2.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 70107
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:43 GMT
ETag: "94ee14cd537b9ce21a06ad1a46115b9f"
Expires: Sat, 22 Nov 2025 03:32:26 GMT
Vary: Accept-Encoding
X-Varnish: 73025855 71128641
Age: 2761
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/clark642X385-1.png

216.152.143.240

200 OK

74 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/clark642X385-1.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
74 kB (74279 bytes)
Hash
7e1b1d258af43ae0c28c50aedab52d9e
c9becefe17eb30b5c197b108747c518868ae4fe6
b68e4b809430eb9cd6ad8168396efd683ee426f986ac5a27c832b0e5dac53bb1

HTTP Headers

GET /files/2021/08/clark642X385-1.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 74279
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:49 GMT
ETag: "8c76ceef6c44fa14e57e436133eccff5"
Expires: Sat, 22 Nov 2025 03:23:20 GMT
Vary: Accept-Encoding
X-Varnish: 73537397 55588343
Age: 3307
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/19466372_1516307811772997_451783811888021088_o.jpg

216.152.143.240

200 OK

166 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/19466372_1516307811772997_451783811888021088_o.jpg
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, progressive, precision 8, 2048x728, components 3\012- data
Size
166 kB (166017 bytes)
Hash
7adec28d845a0571b818af4b44766454
bbb85ff9515c7592a46e8971c1e176c24ab1d2c8
5963f13a0fc1a118485c1bec965302ce6b6cd7a245ed7d30aafa06af9559a79f

HTTP Headers

GET /files/2021/08/19466372_1516307811772997_451783811888021088_o.jpg HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 166017
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 14:12:54 GMT
ETag: "d2f8968e4f06d613b19f4db5029cf4e6"
Expires: Sat, 22 Nov 2025 00:52:56 GMT
Vary: Accept-Encoding
X-Varnish: 76993340 55439488
Age: 12331
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/heartland-dental642X385.png

216.152.143.240

200 OK

105 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/heartland-dental642X385.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
105 kB (105276 bytes)
Hash
4b17eee02cf1c348f87cc99e9faccf7c
038539950e2a61aaef8025e5c22c9b478454aa35
1a746f25d06f2b8f01662ef5e6d2b38cefbc7252e6bac2d1252b6b065c2421d0

HTTP Headers

GET /files/2021/08/heartland-dental642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 105276
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:05 GMT
ETag: "ed923566ac9ac40d283d239176a730b6"
Expires: Sat, 22 Nov 2025 01:04:36 GMT
Vary: Accept-Encoding
X-Varnish: 73304346 70374684
Age: 11631
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/Yard-House-642X385.png

216.152.143.240

200 OK

116 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/Yard-House-642X385.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
116 kB (115825 bytes)
Hash
906667ca55e1933d00f141b91df8842a
bca4b54f7d423d98cd9bbef9be3845b44a92b8cd
6d39e845e98f3f03fef65860b89c033ac9cb46c499bf04e9b1a2461a110420af

HTTP Headers

GET /files/2021/08/Yard-House-642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 115825
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:39:04 GMT
ETag: "532ebaa663f5cbce17a23419b525f03a"
Expires: Sat, 22 Nov 2025 01:04:36 GMT
Vary: Accept-Encoding
X-Varnish: 77022690 74484533
Age: 11631
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

secure.adnxs.com/seg?add=27369987&t=1

37.252.172.250

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/seg?add=27369987&t=1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /seg?add=27369987&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
AN-X-Request-Uuid: 325c7281-8e9e-4b7e-9489-a1c184add1e7
Set-Cookie: uuid2=3534680227647956989; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 18:31:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1

37.252.172.250

200 OK

0 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fseg%3Fadd%3D27369987%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 36e967b2-ebaf-482a-8167-19200b2da31f
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVIiF0/-!]tbP6j2F-XstGt!@DhF$pW+x; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 18:31:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

sullivanpaintinginc.com/files/2021/08/photo-6-scaled.jpg?w=1600&a=t

216.152.143.240

200 OK

440 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-6-scaled.jpg?w=1600&a=t
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1500x1125, components 3\012- data
Size
440 kB (440545 bytes)
Hash
9ab33668b61cdbcbaa3ef332c603f896
9d6e20cb5bb3ddf4b7536cf584a9fdf30cb4211f
58abc67ef66ffea7dc2341f6e1b740dcdb3f9d38b8ab4935acff1b553e4e47a0

HTTP Headers

GET /files/2021/08/photo-6-scaled.jpg?w=1600&a=t HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 440545
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 14:56:37 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 14:56:37 GMT
Vary: Accept-Encoding
X-Varnish: 72447463 70522957
Age: 12911
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/container642X385-2.png

216.152.143.240

200 OK

90 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/container642X385-2.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size
90 kB (90104 bytes)
Hash
7495f836d4b02c725fcaf0b6ced3e097
7fe889b299d9913fb592a5042551ebf69d6469dd
987911300894b928499c9fe309b613058988b001ca15018959ef12f7ff3c6191

HTTP Headers

GET /files/2021/08/container642X385-2.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 90104
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:57 GMT
ETag: "5422b25c2baaf08f8c179a0fa217742b"
Expires: Sat, 22 Nov 2025 03:58:34 GMT
Vary: Accept-Encoding
X-Varnish: 77022686 76877267
Age: 1194
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630

216.152.143.240

200 OK

86 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
86 kB (85883 bytes)
Hash
2b9604bb4b6615251d5955dd61211ac3
1a97e25f5a7a4703d44a7591535893226220c953
c67877150284b77e762c1ff3c591a1b8f2af9ef01f38ddfc15bbdadac361a094

HTTP Headers

GET /files/2021/08/photo-12.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 85883
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 17:47:00 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 17:47:00 GMT
Vary: Accept-Encoding
X-Varnish: 73197245 72776306
Age: 2688
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

secure.adnxs.com/px?id=1510158&t=1

37.252.172.250

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/px?id=1510158&t=1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px?id=1510158&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
AN-X-Request-Uuid: da5d6eb4-a2ff-44f1-98f7-43ecf09ed10b
Set-Cookie: uuid2=1437257209706595613; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 18:31:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

sullivanpaintinginc.com/files/2021/08/rightcev.png

216.152.143.240

200 OK

182 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/rightcev.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 800 x 533, 8-bit colormap, non-interlaced\012- data
Size
182 kB (181512 bytes)
Hash
54a408a7503181ecb9f1c59fe829d4e5
03a7ffc802057a8186135301d4385f1028d195d4
5c6320e88131f1acd1d3020dcda7058fc3df8cdb870715378952a7b99911a8ca

HTTP Headers

GET /files/2021/08/rightcev.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 181512
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:59:00 GMT
ETag: "7afd0d12b2b735c2c92c42a4ec77cd2b"
Expires: Sat, 22 Nov 2025 04:07:54 GMT
Vary: Accept-Encoding
X-Varnish: 73290346 73059319
Age: 633
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630

216.152.143.240

200 OK

58 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
58 kB (58206 bytes)
Hash
142d9e9d8d9577418061b2714ade1e59
9fec5f85f6a0d2d08b8fc4ed222e2352e616ccee
3d3d17493567a4a2a2d8497af98ef85e6dedc97c9a2d62742e9ce1b010b6916d

HTTP Headers

GET /files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 58206
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 18:31:48 GMT
Vary: Accept-Encoding
X-Varnish: 77022705
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1

37.252.172.250

200 OK

0 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fpx%3Fid%3D1510158%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 43b65a3f-fc66-4d7e-a385-bb8f43491fc8
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

sullivanpaintinginc.com/files/2021/08/photo-20-1.jpg?w=1600&a=t

216.152.143.240

200 OK

403 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-20-1.jpg?w=1600&a=t
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1500x1125, components 3\012- data
Size
403 kB (403434 bytes)
Hash
c240df93704b267b7e4b87c4adf05c03
a98dfbd6c2a97041b68b9609eac7cd30f606ec49
abd0410aa32674a6b62b0608a727099e621d44f04bc5d89e729d1ff84db7c3d0

HTTP Headers

GET /files/2021/08/photo-20-1.jpg?w=1600&a=t HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 403434
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 18:12:07 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 18:12:07 GMT
Vary: Accept-Encoding
X-Varnish: 72447477 71198759
Age: 1180
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630

216.152.143.240

200 OK

70 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
70 kB (69783 bytes)
Hash
85218ac3a29d5549169b79dc31a8d431
4bb8a6ef163baa5ae3689cf8e24cbadb65a0f0b8
6f8a63a7d2b2ca47a29c0f55f1ed42cf8441599e43e16319086aabd498f36eab

HTTP Headers

GET /files/2021/08/photo-4-1.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 69783
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 11:14:52 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 11:14:52 GMT
Vary: Accept-Encoding
X-Varnish: 77171792 40266606
Age: 11808
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630

216.152.143.240

200 OK

75 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
75 kB (74821 bytes)
Hash
6d24dbcbceca6403670bbcba5e6a93c6
95472cfee45aa20a4dc28e790ddbf1deca8d496a
580d3f257d6c81d42af0324e1dd67353cd333a5464eed646495c7357057e7426

HTTP Headers

GET /files/2021/08/photo-6-1.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 74821
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 15:17:57 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 15:17:57 GMT
Vary: Accept-Encoding
X-Varnish: 73667202 71088923
Age: 11631
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif

216.152.143.240

302 Found

0 B

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://sullivanpaintinginc.com
Vary: Accept-Encoding
X-Varnish: 73197260 55176783
Age: 12209
Via: 1.1 varnish (Varnish/5.2)

sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630&ct=1

216.152.143.240

200 OK

58 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630&ct=1
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
58 kB (58206 bytes)
Hash
142d9e9d8d9577418061b2714ade1e59
9fec5f85f6a0d2d08b8fc4ed222e2352e616ccee
3d3d17493567a4a2a2d8497af98ef85e6dedc97c9a2d62742e9ce1b010b6916d

HTTP Headers

GET /files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 58206
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 18:10:38 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 18:10:38 GMT
Vary: Accept-Encoding
X-Varnish: 77022722 76825004
Age: 1269
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630&ct=1

216.152.143.240

200 OK

86 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630&ct=1
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
86 kB (85883 bytes)
Hash
2b9604bb4b6615251d5955dd61211ac3
1a97e25f5a7a4703d44a7591535893226220c953
c67877150284b77e762c1ff3c591a1b8f2af9ef01f38ddfc15bbdadac361a094

HTTP Headers

GET /files/2021/08/photo-12.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 85883
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 18:31:48 GMT
Vary: Accept-Encoding
X-Varnish: 73304372
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630&ct=1

216.152.143.240

200 OK

70 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630&ct=1
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
70 kB (69783 bytes)
Hash
85218ac3a29d5549169b79dc31a8d431
4bb8a6ef163baa5ae3689cf8e24cbadb65a0f0b8
6f8a63a7d2b2ca47a29c0f55f1ed42cf8441599e43e16319086aabd498f36eab

HTTP Headers

GET /files/2021/08/photo-4-1.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 69783
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 18:04:05 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 18:04:05 GMT
Vary: Accept-Encoding
X-Varnish: 76925738 76119409
Age: 1663
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630&ct=1

216.152.143.240

200 OK

75 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630&ct=1
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Size
75 kB (74821 bytes)
Hash
6d24dbcbceca6403670bbcba5e6a93c6
95472cfee45aa20a4dc28e790ddbf1deca8d496a
580d3f257d6c81d42af0324e1dd67353cd333a5464eed646495c7357057e7426

HTTP Headers

GET /files/2021/08/photo-6-1.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 74821
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 17:28:49 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 17:28:49 GMT
Vary: Accept-Encoding
X-Varnish: 73304378 72114950
Age: 3778
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/leftcev.png

216.152.143.240

200 OK

50 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/leftcev.png
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 601 x 351, 8-bit colormap, non-interlaced\012- data
Size
50 kB (50493 bytes)
Hash
cd70395d31ef8ab4cbdc7c36ff756769
3975cb835f44b616af84477f40de8bb734447c40
1ec7acfb8cafb1680154f0a73c5b9949eef4978eed69f6f9f21ec3fe91e483ce

HTTP Headers

GET /files/2021/08/leftcev.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 50493
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:59:00 GMT
ETag: "7afd0d12b2b735c2c92c42a4ec77cd2b"
Expires: Sat, 22 Nov 2025 00:43:18 GMT
Vary: Accept-Encoding
X-Varnish: 73304384 68874851
Age: 12910
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/

216.152.143.240

200 OK

7.8 kB

URL HTTP/1.1
sullivanpaintinginc.com/
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1108), with CRLF, LF line terminators
Size
7.8 kB (7822 bytes)
Hash
f9cedec3650a1c6404cb1296bd86434e
f465e66cfcb8252d73da229cd56e322b43ab8f74
7ecad5d64bb70ca82e97e749d000586cd2c6927ec59fb7843a72609eedc96fbb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Connection: keep-alive
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7822
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 73024706 73187957
Age: 549
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

sullivanpaintinginc.com/files/2021/08/leftcev.png?w=720&h=NaN&ct=1

216.152.143.240

200 OK

364 kB

URL HTTP/1.1
sullivanpaintinginc.com/files/2021/08/leftcev.png?w=720&h=NaN&ct=1
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
PNG image data, 720 x 420, 8-bit/color RGBA, non-interlaced\012- data
Size
364 kB (363860 bytes)
Hash
7c0c58c19a31d93e6dc4384d53bd6388
cfce4a9c71536775974c3d473a5c998cb3eaec5c
9a356ee5800cc5ce323e99f784c39057cfc5444d2f9c9aa53e62d79b353da49b

HTTP Headers

GET /files/2021/08/leftcev.png?w=720&h=NaN&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 363860
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 15:21:16 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 15:21:16 GMT
Vary: Accept-Encoding
X-Varnish: 72447505 70539428
Age: 11432
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c7b623b7bcd37d436886346d495f9577
eb5688f0df28fa33b202e78d916e35387178636d
74037773d23c4426c3717e239e9dc228904f9cc8b8f084c655e26dcd9e345a96

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ssl.google-analytics.com/ga.js

216.58.207.200

200 OK

17 kB

URL HTTP/2
ssl.google-analytics.com/ga.js
IP
216.58.207.200:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Wed, 21 Sep 2022 18:17:11 GMT
expires: Wed, 21 Sep 2022 20:17:11 GMT
cache-control: public, max-age=7200
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
age: 877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=428711150&utmhn=sullivanpaintinginc.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sullivan%20Commercial%20Painting%20%7C%20Commercial%20Painting%20Company%20in%20Boston%2C%20MA%20%26%20St%20Petersburg%2C%20FL&utmhid=12515549&utmr=-&utmp=%2F%3Futm_medium%3Demail%26utm_source%3DEmailMarketing%26utm_campaign%3D2nd%2Bfollow%2Bup%2Bto%2Bnon%2Bopeners%2Bmerge%2Bcampaign&utmht=1663785108714&utmac=UA-26792682-1&utmdid=i9k95&utmcc=__utma%3D107688448.1560464710.1663776819.1663776819.1663785109.2%3B%2B__utmz%3D107688448.1663785109.2.1.utmcsr%3DEmailMarketing%7Cutmccn%3D2nd%2520follow%2520up%2520to%2520non%2520openers%2520merge%2520campaign%7Cutmcmd%3Demail%3B&utmjid=&utmmt=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~

216.58.207.200

200 OK

35 B

URL HTTP/2
ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=428711150&utmhn=sullivanpaintinginc.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sullivan%20Commercial%20Painting%20%7C%20Commercial%20Painting%20Company%20in%20Boston%2C%20MA%20%26%20St%20Petersburg%2C%20FL&utmhid=12515549&utmr=-&utmp=%2F%3Futm_medium%3Demail%26utm_source%3DEmailMarketing%26utm_campaign%3D2nd%2Bfollow%2Bup%2Bto%2Bnon%2Bopeners%2Bmerge%2Bcampaign&utmht=1663785108714&utmac=UA-26792682-1&utmdid=i9k95&utmcc=__utma%3D107688448.1560464710.1663776819.1663776819.1663785109.2%3B%2B__utmz%3D107688448.1663785109.2.1.utmcsr%3DEmailMarketing%7Cutmccn%3D2nd%2520follow%2520up%2520to%2520non%2520openers%2520merge%2520campaign%7Cutmcmd%3Demail%3B&utmjid=&utmmt=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~
IP
216.58.207.200:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=428711150&utmhn=sullivanpaintinginc.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sullivan%20Commercial%20Painting%20%7C%20Commercial%20Painting%20Company%20in%20Boston%2C%20MA%20%26%20St%20Petersburg%2C%20FL&utmhid=12515549&utmr=-&utmp=%2F%3Futm_medium%3Demail%26utm_source%3DEmailMarketing%26utm_campaign%3D2nd%2Bfollow%2Bup%2Bto%2Bnon%2Bopeners%2Bmerge%2Bcampaign&utmht=1663785108714&utmac=UA-26792682-1&utmdid=i9k95&utmcc=__utma%3D107688448.1560464710.1663776819.1663776819.1663785109.2%3B%2B__utmz%3D107688448.1663785109.2.1.utmcsr%3DEmailMarketing%7Cutmccn%3D2nd%2520follow%2520up%2520to%2520non%2520openers%2520merge%2520campaign%7Cutmcmd%3Demail%3B&utmjid=&utmmt=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Wed, 21 Sep 2022 07:14:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 40663
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=695656864&utmhn=sullivanpaintinginc.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sullivan%20Commercial%20Painting%20%7C%20Commercial%20Painting%20Company%20in%20Boston%2C%20MA%20%26%20St%20Petersburg%2C%20FL&utmhid=12515549&utmr=-&utmp=%2F%3Futm_medium%3Demail%26utm_source%3DEmailMarketing%26utm_campaign%3D2nd%2Bfollow%2Bup%2Bto%2Bnon%2Bopeners%2Bmerge%2Bcampaign&utmht=1663785108710&utmac=UA-125783245-121&utmdid=i9k95&utmcc=__utma%3D107688448.1560464710.1663776819.1663776819.1663785109.2%3B%2B__utmz%3D107688448.1663785109.2.1.utmcsr%3DEmailMarketing%7Cutmccn%3D2nd%2520follow%2520up%2520to%2520non%2520openers%2520merge%2520campaign%7Cutmcmd%3Demail%3B&utmjid=464742374&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~

216.58.207.200

200 OK

35 B

URL HTTP/2
ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=695656864&utmhn=sullivanpaintinginc.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sullivan%20Commercial%20Painting%20%7C%20Commercial%20Painting%20Company%20in%20Boston%2C%20MA%20%26%20St%20Petersburg%2C%20FL&utmhid=12515549&utmr=-&utmp=%2F%3Futm_medium%3Demail%26utm_source%3DEmailMarketing%26utm_campaign%3D2nd%2Bfollow%2Bup%2Bto%2Bnon%2Bopeners%2Bmerge%2Bcampaign&utmht=1663785108710&utmac=UA-125783245-121&utmdid=i9k95&utmcc=__utma%3D107688448.1560464710.1663776819.1663776819.1663785109.2%3B%2B__utmz%3D107688448.1663785109.2.1.utmcsr%3DEmailMarketing%7Cutmccn%3D2nd%2520follow%2520up%2520to%2520non%2520openers%2520merge%2520campaign%7Cutmcmd%3Demail%3B&utmjid=464742374&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~
IP
216.58.207.200:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=695656864&utmhn=sullivanpaintinginc.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sullivan%20Commercial%20Painting%20%7C%20Commercial%20Painting%20Company%20in%20Boston%2C%20MA%20%26%20St%20Petersburg%2C%20FL&utmhid=12515549&utmr=-&utmp=%2F%3Futm_medium%3Demail%26utm_source%3DEmailMarketing%26utm_campaign%3D2nd%2Bfollow%2Bup%2Bto%2Bnon%2Bopeners%2Bmerge%2Bcampaign&utmht=1663785108710&utmac=UA-125783245-121&utmdid=i9k95&utmcc=__utma%3D107688448.1560464710.1663776819.1663776819.1663785109.2%3B%2B__utmz%3D107688448.1663785109.2.1.utmcsr%3DEmailMarketing%7Cutmccn%3D2nd%2520follow%2520up%2520to%2520non%2520openers%2520merge%2520campaign%7Cutmcmd%3Demail%3B&utmjid=464742374&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
date: Wed, 21 Sep 2022 18:31:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sullivanpaintinginc.com/cms_websites/img/tsm-favicon.ico

216.152.143.240

200 OK

32 kB

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/img/tsm-favicon.ico
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
32 kB (32038 bytes)
Hash
c7f1c4f34424d5247f9a2a24f3e2372c
247102bcd8a2a36f1dfa16a652002ade82ffa1b0
ed829bc8a78f82c88e5d0bcfb368a9f714b6c758b0354b057f9e083dfa4ddd6b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cms_websites/img/tsm-favicon.ico HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 32038
Connection: keep-alive
Last-Modified: Fri, 27 Sep 2019 00:16:11 GMT
ETag: "7d26-5937dcb170617"
Vary: Accept-Encoding
X-Varnish: 73304408 70818651
Age: 11704
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c7b623b7bcd37d436886346d495f9577
eb5688f0df28fa33b202e78d916e35387178636d
74037773d23c4426c3717e239e9dc228904f9cc8b8f084c655e26dcd9e345a96

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/bkgs/ajax-loader.gif

216.152.143.240

302 Found

0 B

URL HTTP/1.1
sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/bkgs/ajax-loader.gif
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cms_websites/css/dist/beacon-theme_charlotte/bkgs/ajax-loader.gif HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663785109.2; __utmb=107688448.2.10.1663785109; __utmc=107688448; __utmz=107688448.1663785109.2.1.utmcsr=EmailMarketing|utmccn=2nd%20follow%20up%20to%20non%20openers%20merge%20campaign|utmcmd=email; __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://sullivanpaintinginc.com
Vary: Accept-Encoding
X-Varnish: 72930565 70984648
Age: 9930
Via: 1.1 varnish (Varnish/5.2)

sullivanpaintinginc.com/

216.152.143.240

200 OK

7.8 kB

URL HTTP/1.1
sullivanpaintinginc.com/
IP
216.152.143.240:0
ASN
#13768 COGECO-PEER1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1108), with CRLF, LF line terminators
Size
7.8 kB (7822 bytes)
Hash
f9cedec3650a1c6404cb1296bd86434e
f465e66cfcb8252d73da229cd56e322b43ab8f74
7ecad5d64bb70ca82e97e749d000586cd2c6927ec59fb7843a72609eedc96fbb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Connection: keep-alive
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663785109.2; __utmb=107688448.2.10.1663785109; __utmc=107688448; __utmz=107688448.1663785109.2.1.utmcsr=EmailMarketing|utmccn=2nd%20follow%20up%20to%20non%20openers%20merge%20campaign|utmcmd=email; __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7822
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 77022757 76880399
Age: 947
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7060 bytes)
Hash
c92f202bddcfee6efac41bcc25be5745
9d297544318ff34f839678d8b358290ab6bd62a8
f471aaff7c08c60905cff5b1c9d4b669a3179574493d23d27e681110688af6b2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: 69e8f4d4-2360-4124-a9e9-9cce3dd43da7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0NWEgmIAMFusQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a33ee-0f4861c226117d70664b8612;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kj4FQUvvo13Yrwu_bKqee64IMn6X0UXlOJQ3fh40qejOi-3dtCrEYg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:55:57 GMT
age: 74156
etag: "9d297544318ff34f839678d8b358290ab6bd62a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19a7100-8d4f-4c0a-8865-191670cb2db4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6667 bytes)
Hash
9c4ba493d60a12accc1dc9c3299fa01d
65886e11d9f792452cceea23444722ff4028b081
b287b0bf2b3dc834a657dc98a9eef006577554306fa481bbc9de5a16943129f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19a7100-8d4f-4c0a-8865-191670cb2db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6667
x-amzn-requestid: 1798057c-208d-471e-8d5c-602631418afd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1nHvsoAMF23A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-121c21f710767cde77a06945;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vdjC0dj8L5qN-SdmlBD_TD0T0hdFtWzmnC9_AdJVP5qTi9dWz6_K9g==
via: 1.1 e71753cf85369390852fdcb22bf59aa8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:40:13 GMT
age: 75101
etag: "65886e11d9f792452cceea23444722ff4028b081"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML