firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 18:13:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kCqusj-UsCmjK6kl5g02iPmd9j2u_kCTiNJvTa_4x1i-w_Q7cvJIOA==
Age: 1086
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5333
Expires: Wed, 21 Sep 2022 20:00:38 GMT
Date: Wed, 21 Sep 2022 18:31:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jjxfvn1qfjRSLUFrsloh2Llw40mmGj5F0GrY2O0IsWHvt8nZCDsYSw==
age: 50192
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 18:31:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash e1a5f4466e9cd1c5e0b93b1b26a07966
af5a8af6b29287dd12604ed02917f0af90226124
9e41876ca054149584bff65d15f135d953cbf043500e131d1c2f66f2534f51d5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 18:31:45 GMT
Last-Modified: Wed, 21 Sep 2022 18:04:55 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Szn9xmZCgcK-ZjvqgfkRKl2zTBYPIh0XrrakFNKA_jZn0cznPtn_Qw==
Age: 1610
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 18:03:22 GMT
Expires: Wed, 21 Sep 2022 18:51:36 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 33CF3a-LNwDsJ0AooBwGCuCnzE09L9QSk1YVT9soQgM0BSS3wz1O2A==
Age: 1703
105344.io.directiq12.com/hit?sid=32de3oh2z3eqds750x&linkid=0&link=0bde4e26c0594832b64d000d7f85d4a5
54.157.101.61 302 Found 0 B URL HTTP/2 105344.io.directiq12.com/hit?sid=32de3oh2z3eqds750x&linkid=0&link=0bde4e26c0594832b64d000d7f85d4a5
IP 54.157.101.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hit?sid=32de3oh2z3eqds750x&linkid=0&link=0bde4e26c0594832b64d000d7f85d4a5 HTTP/1.1
Host: 105344.io.directiq12.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 21 Sep 2022 18:31:45 GMT
content-length: 0
location: http://www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
apigw-requestid: Y0rGyhphoAMESdg=
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1978
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:45 GMT
Last-Modified: Wed, 21 Sep 2022 17:58:47 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
216.152.143.240 301 Moved Permanently 178 B URL HTTP/1.1 www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
IP 216.152.143.240:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign HTTP/1.1
Host: www.sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 21 Sep 2022 18:31:46 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
push.services.mozilla.com/
44.238.202.79 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.202.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /PvQ34JeO6kVNKl76ETUvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jjojz5FXY7Qx+xCtAE39j4pSe28=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d46f8de768a875577f99041641daec7
8b640ff702b62cc8bf5617a40766301091603417
15e69d785afb803e571e54fde6e3239034bf90ee12bc7d93719e9c9dabb45cf5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15E69D785AFB803E571E54FDE6E3239034BF90EE12BC7D93719E9C9DABB45CF5"
Last-Modified: Tue, 20 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5762
Expires: Wed, 21 Sep 2022 20:07:48 GMT
Date: Wed, 21 Sep 2022 18:31:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8962
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 18:31:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8962
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 18:31:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8962
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 18:31:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gLh2EBTPdXvFtZuYKH1NVZebvnz4Rhs-f_rZPtfJpIWNemEk0upeOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:07:08 GMT
age: 73478
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:14:57 GMT
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
age: 73009
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2db94039cb675cb250519fe57b2b3c9
37222a70df5d9a69073b4b32ebc3a5da60006001
444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12048
x-amzn-requestid: 59e98571-f927-44b3-b088-29ec1e4cc3bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYxD-FnIIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202ee6-14e47d9a3ae47d0f607033a8;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:19:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 55e0txtcytlUpcNWSLrHWN3FC1t4dMHGTrHGhNV7YFIhOz6c45UcCQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 12:43:54 GMT
age: 20872
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e3MMA-NVstIsR7M9_JGH05i1e8pK17RsjyERrSMlC3uoHsWw_7ABtA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 19:18:32 GMT
age: 83594
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NzOpixfxr2pFiDhF5WUGmjD8r2CTn1grSkCEyWvthxRq0djbDKjknA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:15:05 GMT
age: 73001
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7b780d39877eea116277625aaa01f1b
d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db
ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nSWUmBqJPIBYNoLtyrfAN7CK4367b6TEku9eki8BGJVdTWW3dSyckw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 06:45:55 GMT
age: 42351
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
216.152.143.240 301 Moved Permanently 0 B URL HTTP/1.1 www.sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
IP 216.152.143.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign HTTP/1.1
Host: www.sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 21 Sep 2022 18:31:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Vary: Accept-Encoding
X-Varnish: 73024585
Age: 0
Via: 1.1 varnish (Varnish/5.2)
sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
216.152.143.240 200 OK 7.9 kB URL HTTP/1.1 sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
IP 216.152.143.240:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1108), with CRLF, LF line terminators
Hash ca713f98711b26296e97d2f72ba5088a
3c48cab443eeeb7275035353c6f04f59eec8c842
87404d3da96c853a235c83598b4580cc9823b550f3748e0ec0f183a18567820b
GET /?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7945
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 73197130 73186346
Age: 1164
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11
142.250.74.106 200 OK 7.3 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11
IP 142.250.74.106:0
File type ASCII text, with very long lines (28290)
Hash 29cec33e497be5e450f9703d98efca3b
4bcb24406115ca93d35ba145b78234b6f5e5d135
287e9a460040e8d091b9eb5381be54956185f293a41cadf7586ad05eaf23a012
GET /ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 06:39:09 GMT
expires: Sun, 17 Sep 2023 06:39:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 388358
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.adnxs.com/seg?add=27369987&t=1
37.252.172.250 307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=27369987&t=1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=27369987&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
AN-X-Request-Uuid: 752fc053-f755-492d-a579-f519a38188b7
Set-Cookie: uuid2=8727575681543120562; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 18:31:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/px?id=1510158&t=1
37.252.172.250 307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/px?id=1510158&t=1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?id=1510158&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
AN-X-Request-Uuid: 6857e14b-e290-437d-a74a-5709587bae50
Set-Cookie: uuid2=4114107305353922303; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 18:31:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
37.252.172.250 200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D27369987%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 2353133f-3716-409c-a714-02cc32cba150
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVSiF0/-!]tbP6j2F-XstGt!@DgW$p1kt; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 18:31:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
37.252.172.250 200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fpx%3Fid%3D1510158%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: affa806e-b606-409c-a7bf-93be0820b7b0
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11
142.250.74.10 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700&ver=248_11
IP 142.250.74.10:0
Hash 6ec234fb6044f368cc2c8e0a29ad66e9
dc5dacf4412c9d96d8184d8ab8e0cddaffd33296
da2bff81406947ec634fcf3ecf12329548c51bd726b170a5c56452a7e5d937c6
GET /css?family=Source+Sans+Pro%3A400%2C700&ver=248_11 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 18:31:47 GMT
date: Wed, 21 Sep 2022 18:31:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
216.152.143.240 200 OK 56 kB URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
IP 216.152.143.240:0
File type ASCII text, with very long lines (728)
Hash 96e5755dcdc8411f20309eba06090553
673daa8b541f7a365cdf0cd81b6dfbca82e4801b
660487676b070f91f351c10f6f9d76a3273f3d30cab85aa700ad1516cf094b3b
Analyzer Verdict Alert fortinet Phishing
GET /cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: text/css
Content-Length: 56238
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:43 GMT
ETag: "865b5-5e8acea238e87-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 72930533 72439660
Age: 555
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js
216.152.143.240 200 OK 24 kB URL HTTP/1.1 sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (31984)
Hash df8cb58860540fe37f48ebdd01d4f7e2
7abdbe3fd4184ea1230dd6f35391778a0a79be88
a5e0db722a02983ddd7c0687cad6b966d7f5f842b80a4c510b390cc6441ee231
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript
Content-Length: 24449
Connection: keep-alive
Last-Modified: Thu, 14 Apr 2022 01:14:55 GMT
ETag: "17d03-5dc9305909e30-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 73197179 71107808
Age: 13255
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js
216.152.143.240 200 OK 465 B URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (1164), with no line terminators
Hash ae9e1ea6af46bf62a7469101eb4a8f55
e94958da3bfd259c99019190f6c4e449e0c16aee
bbf28048044a88f7b3f682c682dea0b058d7ff7e98daf046f6f161517e97fafa
Analyzer Verdict Alert fortinet Phishing
GET /cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript
Content-Length: 465
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:35 GMT
ETag: "48c-5d727b353ed35-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 8091920 55231115
Age: 13384
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/cms_websites/cms_custom_css.php?ver=248_11
216.152.143.240 200 OK 3.4 kB URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/cms_custom_css.php?ver=248_11
IP 216.152.143.240:0
File type ASCII text, with very long lines (443)
Hash af6cfac463e458f4a779100b8e44351f
fc843a22eb110fdf842ece1c4dbb6e72ffe97109
fcdd8b1b5ee1be506bb0ca1380592c8dba860ee68dc05ea3ea8de3ab718ddf89
Analyzer Verdict Alert fortinet Phishing
GET /cms_websites/cms_custom_css.php?ver=248_11 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 3430
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 53113545 54001128
Age: 1289
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/cms_websites/cms_theme_custom_css.php?ver=248_11
216.152.143.240 200 OK 8.4 kB URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/cms_theme_custom_css.php?ver=248_11
IP 216.152.143.240:0
File type ASCII text, with very long lines (483)
Hash 2c4b91c9eee090790f2f9500b21960a3
ff3020cfcff7cdf54983ea1365ce111f8822544f
336027df12f5b20aa1dad52a50300aa5319baf5c69b4d0860b443343e0bf5116
Analyzer Verdict Alert fortinet Phishing
GET /cms_websites/cms_theme_custom_css.php?ver=248_11 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: text/css;charset=UTF-8
Content-Length: 8440
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 77022651 76505437
Age: 1102
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/wp-includes/js/underscore.min.js?ver=1.8.3
216.152.143.240 200 OK 5.8 kB URL HTTP/1.1 sullivanpaintinginc.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP 216.152.143.240:0
File type ASCII text, with very long lines (16194)
Hash 0de80519eb796dc06fa34efcf454c797
1274f536f1c2c51ad2b0c0f121da21cc43854ea5
059bc818c4f66d482fcd7a623fde7a0c66d9767f49a0fca0eed2fb4a6ccfdbf6
GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript
Content-Length: 5822
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 18:16:47 GMT
ETag: "401a-59378c5d12306-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 73197190 71306672
Age: 12440
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/cms_websites/tools/GAEventTracking/js/scripts.min.js
216.152.143.240 200 OK 517 B URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/tools/GAEventTracking/js/scripts.min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (1015), with no line terminators
Hash 09a9e3bc0d18d851d1276481ed543c9e
87f953897b9f07e27e0b080a4320a9b78fc80167
9293803448e5928f3b09835cf60749954d6f5e303f176e63b988dc0079a744bb
Analyzer Verdict Alert fortinet Phishing
GET /cms_websites/tools/GAEventTracking/js/scripts.min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript
Content-Length: 517
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:41 GMT
ETag: "3f7-5d727b3a6c8f4-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 61920081 58618043
Age: 11717
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js
216.152.143.240 200 OK 433 kB URL HTTP/1.1 sullivanpaintinginc.com/wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (65350)
Size 433 kB (432702 bytes)
Hash aa24aa3a0a9984210198ac91297db647
2108d2f01c37149228877a9672d866c08f5daee6
ce55bf8849d63b8767c7fd032fb9277ffec0bb103ca26ad3b66b330208f3855f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript
Content-Length: 432702
Connection: keep-alive
Last-Modified: Fri, 12 Jun 2020 00:07:26 GMT
ETag: "11e248-5a7d7dcb4d5ff-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 72187758 73370552
Age: 1283
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/cms_websites/js/external/scripts.js
216.152.143.240 200 OK 121 kB URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/js/external/scripts.js
IP 216.152.143.240:0
File type ASCII text, with very long lines (32077)
Size 121 kB (120679 bytes)
Hash 2b2400ce27b4d1d8ceca82bed3e8bad2
2ebaca6538cccffd5a042f53e46a18b2133acb9a
bd364f13dac56e31208849b685194592c91631fa41a8c396c5346417fccc47e7
Analyzer Verdict Alert fortinet Phishing
GET /cms_websites/js/external/scripts.js HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: application/javascript
Content-Length: 120679
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:48 GMT
ETag: "634a9-5c189ea477bf3-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 8091922 72115716
Age: 3874
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/tj642X385.png
216.152.143.240 200 OK 61 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/tj642X385.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash 1c489c000b428df8a63bdd7b17dc3bc0
40604409cd93ca8f2953db7a202cdc551ebd9aa3
26c814d49311c2495b5d119e29961e8d3bed2d7a72d600d044c44e5c72412ad8
GET /files/2021/08/tj642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/png
Content-Length: 60559
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:18 GMT
ETag: "32f0295df92561381f0fe57a28a4c740"
Expires: Sat, 22 Nov 2025 03:29:10 GMT
Vary: Accept-Encoding
X-Varnish: 73703183 51375025
Age: 2957
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/New_Walmart_Logo.svg-e1519222902338.jpg
216.152.143.240 200 OK 14 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/New_Walmart_Logo.svg-e1519222902338.jpg
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 642x385, components 3\012- data
Hash 010c225c2d030c6226f2c7c073291a8d
3dc3de7db6ff28898f3d3cbc1b5382276a088ef1
e449cfdfc4eff75f385d48738f7bd306d4dab821b17cd3f3cb6db363a50dc796
GET /files/2021/08/New_Walmart_Logo.svg-e1519222902338.jpg HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/jpeg
Content-Length: 13877
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:57 GMT
ETag: "a3f60a53cc10fcc69329bb02c2dbb3a5"
Expires: Sat, 22 Nov 2025 03:08:27 GMT
Vary: Accept-Encoding
X-Varnish: 76884641 56292525
Age: 4200
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sullivanpaintinginc.com/files/2021/08/La-Fitness.png
216.152.143.240 200 OK 40 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/La-Fitness.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash 8a4218de366f5961ed9ecdce63d21c5f
83edba3651484b8da1a78727bcb7fac790fb274f
b580fb3909ffa90604d4256aaf73be4e9dc1c8d6903c43f7c879d1267719f009
GET /files/2021/08/La-Fitness.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/png
Content-Length: 39453
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:36 GMT
ETag: "65f838cec5daa4e0a380884694157f29"
Expires: Sat, 22 Nov 2025 04:10:47 GMT
Vary: Accept-Encoding
X-Varnish: 73290309 73191896
Age: 460
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/verizon642X385.png
216.152.143.240 200 OK 33 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/verizon642X385.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash f8e51ebe06db6f46f5ffe3cc4abd3b41
ae3a580d9969911203f51b98af7332970efd1645
b5364a9235112633f66b79754fd081057624a4a9a52ea099303ff0ad2e97a2f9
GET /files/2021/08/verizon642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/png
Content-Length: 33334
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:49 GMT
ETag: "4257cb474a9860d345de497f4a232a27"
Expires: Sat, 22 Nov 2025 00:52:57 GMT
Vary: Accept-Encoding
X-Varnish: 70840435 55208479
Age: 12330
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/Circle-K.png
216.152.143.240 200 OK 36 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/Circle-K.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash ee59b35401f61a67a1ee4772a2463a24
0a52dbc3c65d70507cc03e1eef31509dcbdde60b
1667de01b6ead446b5fc0db7ffb54cf042308c098819524f159091df2482553c
GET /files/2021/08/Circle-K.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/png
Content-Length: 35784
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:42 GMT
ETag: "8d83e9fd94609f19ad93162380c80054"
Expires: Sat, 22 Nov 2025 03:50:44 GMT
Vary: Accept-Encoding
X-Varnish: 76925655 76119351
Age: 1663
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
www.googletagmanager.com/gtm.js?id=GTM-N77HQ5X
142.250.74.72 200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N77HQ5X
IP 142.250.74.72:0
File type ASCII text, with very long lines (2082)
Hash 2c1f5513d6f78fca9ef2f8702f7d789b
070c005cef18dce990bed943e75ae34a0d22f47d
5cf6c8e96c0a2dc7c0d9c477937050d09ca18d1038b756edd94b8205d7efaa5c
GET /gtm.js?id=GTM-N77HQ5X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 18:31:48 GMT
expires: Wed, 21 Sep 2022 18:31:48 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37767
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
142.250.74.163 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Hash e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sullivanpaintinginc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:38:37 GMT
expires: Tue, 19 Sep 2023 21:38:37 GMT
cache-control: public, max-age=31536000
age: 161591
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sullivanpaintinginc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:40:18 GMT
expires: Fri, 15 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 525090
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sullivanpaintinginc.com/files/2021/08/cbre642X385-01.png
216.152.143.240 200 OK 70 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/cbre642X385-01.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash 266a961fdc43c8e249dcdd300abeaa20
003ca4e7fd5519a29f2a1bb8f5be4c7d4b965528
43aaf15c95d81e59cf998e26d7c5876b65938cc2d96e014bb2d47b87fa558b03
GET /files/2021/08/cbre642X385-01.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/png
Content-Length: 69950
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:29 GMT
ETag: "b18c1d3bddf6843faa2d46f2a7b75d50"
Expires: Sat, 22 Nov 2025 03:31:46 GMT
Vary: Accept-Encoding
X-Varnish: 76884639 76616367
Age: 2801
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/marriott642X385.png
216.152.143.240 200 OK 87 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/marriott642X385.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash a28a41b221c3d4848b1363167650a564
967bdeba91dd04c898e934e8000de3821811863a
e1c3e218cae1056e8841236bfd0039e0ecae4605beb13b651d9c1ea481d24fb6
GET /files/2021/08/marriott642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/png
Content-Length: 86901
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:11 GMT
ETag: "199a03903326686b02b329fa48f80b78"
Expires: Sat, 22 Nov 2025 01:03:10 GMT
Vary: Accept-Encoding
X-Varnish: 73667191 65726275
Age: 11717
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/Walgreens642X285.png
216.152.143.240 200 OK 108 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/Walgreens642X285.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size 108 kB (108477 bytes)
Hash 47a103ed57a7d665591700e746bec89e
368dd40445452b14f499e9e1f001a7716d1d3f1f
2cb95706eeee3125153d93a4447d4ba6ecdc498ac1ca471ae0c337bef0d8bd9d
GET /files/2021/08/Walgreens642X285.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 108477
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:34 GMT
ETag: "9257216b12053974078234b516f7ee95"
Expires: Sat, 22 Nov 2025 00:35:22 GMT
Vary: Accept-Encoding
X-Varnish: 77171780 58504664
Age: 13385
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048
216.152.143.240 200 OK 16 kB URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048
IP 216.152.143.240:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, tsi-cms \012- data
Hash d7e0105a1d89d3a302e09d50c6d808c9
34eb40751fb3f70ffbae2f4270eb73b54349d982
cab4658b86b05ecfabd81a7f07837ff0d3a38cad66972bc583b7c3b1e1eb00ad
GET /cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: application/font-sfnt
Content-Length: 16112
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:45 GMT
ETag: "3ef0-5e8acea36f0e7"
Vary: Accept-Encoding
X-Varnish: 76993342 76839140
Age: 382
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sullivanpaintinginc.com/files/2021/08/ph642X385.png
216.152.143.240 200 OK 147 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/ph642X385.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size 147 kB (146961 bytes)
Hash 7ea8d1d877680ab303f0e39b8a2bf72a
b24e15bf90f81a8842c3af9df9c5506804f17a95
469a12770a5756186a08eab34917369264c3d2a45c7c26aa6904c9e7f7f4a22c
GET /files/2021/08/ph642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:47 GMT
Content-Type: image/png
Content-Length: 146961
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:24 GMT
ETag: "90793a01df7212c5ed393de4c9f03a7b"
Expires: Sat, 22 Nov 2025 03:57:12 GMT
Vary: Accept-Encoding
X-Varnish: 73304328 72756897
Age: 1275
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif
216.152.143.240 200 OK 2.1 kB URL HTTP/1.1 sullivanpaintinginc.com/wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif
IP 216.152.143.240:0
File type gzip compressed data, max compression\012- data
Hash 6e380fc33ba72dc28290d5058ccb88ef
90e6e9869611d588f66f95ef21d94cb71ebb4c6a
dea5573b021878789c4f4f6fe4a69977f1fb1d48fe57485f2b68a4e78237167b
GET /wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/cms_theme_custom_css.php?ver=248_11
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/gif
Content-Length: 1097
Connection: keep-alive
Last-Modified: Fri, 11 Oct 2013 16:05:10 GMT
ETag: "449-4e87948635980"
Vary: Accept-Encoding
X-Varnish: 76925689 76848367
Age: 1584
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/carhartt642X385-2.png
216.152.143.240 200 OK 70 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/carhartt642X385-2.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash e366800160d4fbe1bf6a5ceff50002c2
6552a3fde6730f8fa9e24e1f491fc13b238eb96d
c1674d2fb5bcf644137ece81931800c5f6a19142f040247f0c0711e908580e18
GET /files/2021/08/carhartt642X385-2.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 70107
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:43 GMT
ETag: "94ee14cd537b9ce21a06ad1a46115b9f"
Expires: Sat, 22 Nov 2025 03:32:26 GMT
Vary: Accept-Encoding
X-Varnish: 73025855 71128641
Age: 2761
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/clark642X385-1.png
216.152.143.240 200 OK 74 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/clark642X385-1.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e1b1d258af43ae0c28c50aedab52d9e
c9becefe17eb30b5c197b108747c518868ae4fe6
b68e4b809430eb9cd6ad8168396efd683ee426f986ac5a27c832b0e5dac53bb1
GET /files/2021/08/clark642X385-1.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 74279
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:49 GMT
ETag: "8c76ceef6c44fa14e57e436133eccff5"
Expires: Sat, 22 Nov 2025 03:23:20 GMT
Vary: Accept-Encoding
X-Varnish: 73537397 55588343
Age: 3307
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/19466372_1516307811772997_451783811888021088_o.jpg
216.152.143.240 200 OK 166 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/19466372_1516307811772997_451783811888021088_o.jpg
IP 216.152.143.240:0
File type JPEG image data, progressive, precision 8, 2048x728, components 3\012- data
Size 166 kB (166017 bytes)
Hash 7adec28d845a0571b818af4b44766454
bbb85ff9515c7592a46e8971c1e176c24ab1d2c8
5963f13a0fc1a118485c1bec965302ce6b6cd7a245ed7d30aafa06af9559a79f
GET /files/2021/08/19466372_1516307811772997_451783811888021088_o.jpg HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 166017
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 14:12:54 GMT
ETag: "d2f8968e4f06d613b19f4db5029cf4e6"
Expires: Sat, 22 Nov 2025 00:52:56 GMT
Vary: Accept-Encoding
X-Varnish: 76993340 55439488
Age: 12331
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/heartland-dental642X385.png
216.152.143.240 200 OK 105 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/heartland-dental642X385.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size 105 kB (105276 bytes)
Hash 4b17eee02cf1c348f87cc99e9faccf7c
038539950e2a61aaef8025e5c22c9b478454aa35
1a746f25d06f2b8f01662ef5e6d2b38cefbc7252e6bac2d1252b6b065c2421d0
GET /files/2021/08/heartland-dental642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 105276
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:38:05 GMT
ETag: "ed923566ac9ac40d283d239176a730b6"
Expires: Sat, 22 Nov 2025 01:04:36 GMT
Vary: Accept-Encoding
X-Varnish: 73304346 70374684
Age: 11631
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/Yard-House-642X385.png
216.152.143.240 200 OK 116 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/Yard-House-642X385.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Size 116 kB (115825 bytes)
Hash 906667ca55e1933d00f141b91df8842a
bca4b54f7d423d98cd9bbef9be3845b44a92b8cd
6d39e845e98f3f03fef65860b89c033ac9cb46c499bf04e9b1a2461a110420af
GET /files/2021/08/Yard-House-642X385.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 115825
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:39:04 GMT
ETag: "532ebaa663f5cbce17a23419b525f03a"
Expires: Sat, 22 Nov 2025 01:04:36 GMT
Vary: Accept-Encoding
X-Varnish: 77022690 74484533
Age: 11631
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
secure.adnxs.com/seg?add=27369987&t=1
37.252.172.250 307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=27369987&t=1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=27369987&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
AN-X-Request-Uuid: 325c7281-8e9e-4b7e-9489-a1c184add1e7
Set-Cookie: uuid2=3534680227647956989; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 18:31:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
37.252.172.250 200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27369987%26t%3D1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D27369987%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 36e967b2-ebaf-482a-8167-19200b2da31f
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVIiF0/-!]tbP6j2F-XstGt!@DhF$pW+x; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 18:31:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sullivanpaintinginc.com/files/2021/08/photo-6-scaled.jpg?w=1600&a=t
216.152.143.240 200 OK 440 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-6-scaled.jpg?w=1600&a=t
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1500x1125, components 3\012- data
Size 440 kB (440545 bytes)
Hash 9ab33668b61cdbcbaa3ef332c603f896
9d6e20cb5bb3ddf4b7536cf584a9fdf30cb4211f
58abc67ef66ffea7dc2341f6e1b740dcdb3f9d38b8ab4935acff1b553e4e47a0
GET /files/2021/08/photo-6-scaled.jpg?w=1600&a=t HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 440545
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 14:56:37 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 14:56:37 GMT
Vary: Accept-Encoding
X-Varnish: 72447463 70522957
Age: 12911
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/container642X385-2.png
216.152.143.240 200 OK 90 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/container642X385-2.png
IP 216.152.143.240:0
File type PNG image data, 642 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash 7495f836d4b02c725fcaf0b6ced3e097
7fe889b299d9913fb592a5042551ebf69d6469dd
987911300894b928499c9fe309b613058988b001ca15018959ef12f7ff3c6191
GET /files/2021/08/container642X385-2.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 90104
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:37:57 GMT
ETag: "5422b25c2baaf08f8c179a0fa217742b"
Expires: Sat, 22 Nov 2025 03:58:34 GMT
Vary: Accept-Encoding
X-Varnish: 77022686 76877267
Age: 1194
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630
216.152.143.240 200 OK 86 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 2b9604bb4b6615251d5955dd61211ac3
1a97e25f5a7a4703d44a7591535893226220c953
c67877150284b77e762c1ff3c591a1b8f2af9ef01f38ddfc15bbdadac361a094
GET /files/2021/08/photo-12.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 85883
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 17:47:00 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 17:47:00 GMT
Vary: Accept-Encoding
X-Varnish: 73197245 72776306
Age: 2688
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
secure.adnxs.com/px?id=1510158&t=1
37.252.172.250 307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/px?id=1510158&t=1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?id=1510158&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
AN-X-Request-Uuid: da5d6eb4-a2ff-44f1-98f7-43ecf09ed10b
Set-Cookie: uuid2=1437257209706595613; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Dec-2022 18:31:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sullivanpaintinginc.com/files/2021/08/rightcev.png
216.152.143.240 200 OK 182 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/rightcev.png
IP 216.152.143.240:0
File type PNG image data, 800 x 533, 8-bit colormap, non-interlaced\012- data
Size 182 kB (181512 bytes)
Hash 54a408a7503181ecb9f1c59fe829d4e5
03a7ffc802057a8186135301d4385f1028d195d4
5c6320e88131f1acd1d3020dcda7058fc3df8cdb870715378952a7b99911a8ca
GET /files/2021/08/rightcev.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 181512
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:59:00 GMT
ETag: "7afd0d12b2b735c2c92c42a4ec77cd2b"
Expires: Sat, 22 Nov 2025 04:07:54 GMT
Vary: Accept-Encoding
X-Varnish: 73290346 73059319
Age: 633
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630
216.152.143.240 200 OK 58 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 142d9e9d8d9577418061b2714ade1e59
9fec5f85f6a0d2d08b8fc4ed222e2352e616ccee
3d3d17493567a4a2a2d8497af98ef85e6dedc97c9a2d62742e9ce1b010b6916d
GET /files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 58206
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 18:31:48 GMT
Vary: Accept-Encoding
X-Varnish: 77022705
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
37.252.172.250 200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D1510158%26t%3D1
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fpx%3Fid%3D1510158%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 43b65a3f-fc66-4d7e-a385-bb8f43491fc8
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sullivanpaintinginc.com/files/2021/08/photo-20-1.jpg?w=1600&a=t
216.152.143.240 200 OK 403 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-20-1.jpg?w=1600&a=t
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1500x1125, components 3\012- data
Size 403 kB (403434 bytes)
Hash c240df93704b267b7e4b87c4adf05c03
a98dfbd6c2a97041b68b9609eac7cd30f606ec49
abd0410aa32674a6b62b0608a727099e621d44f04bc5d89e729d1ff84db7c3d0
GET /files/2021/08/photo-20-1.jpg?w=1600&a=t HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 403434
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 18:12:07 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 18:12:07 GMT
Vary: Accept-Encoding
X-Varnish: 72447477 71198759
Age: 1180
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630
216.152.143.240 200 OK 70 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 85218ac3a29d5549169b79dc31a8d431
4bb8a6ef163baa5ae3689cf8e24cbadb65a0f0b8
6f8a63a7d2b2ca47a29c0f55f1ed42cf8441599e43e16319086aabd498f36eab
GET /files/2021/08/photo-4-1.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 69783
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 11:14:52 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 11:14:52 GMT
Vary: Accept-Encoding
X-Varnish: 77171792 40266606
Age: 11808
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630
216.152.143.240 200 OK 75 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 6d24dbcbceca6403670bbcba5e6a93c6
95472cfee45aa20a4dc28e790ddbf1deca8d496a
580d3f257d6c81d42af0324e1dd67353cd333a5464eed646495c7357057e7426
GET /files/2021/08/photo-6-1.jpg?w=420&h=630 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 74821
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 15:17:57 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 15:17:57 GMT
Vary: Accept-Encoding
X-Varnish: 73667202 71088923
Age: 11631
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif
216.152.143.240 302 Found 0 B URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif
IP 216.152.143.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://sullivanpaintinginc.com
Vary: Accept-Encoding
X-Varnish: 73197260 55176783
Age: 12209
Via: 1.1 varnish (Varnish/5.2)
sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630&ct=1
216.152.143.240 200 OK 58 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630&ct=1
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 142d9e9d8d9577418061b2714ade1e59
9fec5f85f6a0d2d08b8fc4ed222e2352e616ccee
3d3d17493567a4a2a2d8497af98ef85e6dedc97c9a2d62742e9ce1b010b6916d
GET /files/2021/08/209227934_5616955918374812_7685061405128845242_n.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 58206
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 18:10:38 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 18:10:38 GMT
Vary: Accept-Encoding
X-Varnish: 77022722 76825004
Age: 1269
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630&ct=1
216.152.143.240 200 OK 86 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-12.jpg?w=420&h=630&ct=1
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 2b9604bb4b6615251d5955dd61211ac3
1a97e25f5a7a4703d44a7591535893226220c953
c67877150284b77e762c1ff3c591a1b8f2af9ef01f38ddfc15bbdadac361a094
GET /files/2021/08/photo-12.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 85883
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 18:31:48 GMT
Vary: Accept-Encoding
X-Varnish: 73304372
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630&ct=1
216.152.143.240 200 OK 70 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-4-1.jpg?w=420&h=630&ct=1
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 85218ac3a29d5549169b79dc31a8d431
4bb8a6ef163baa5ae3689cf8e24cbadb65a0f0b8
6f8a63a7d2b2ca47a29c0f55f1ed42cf8441599e43e16319086aabd498f36eab
GET /files/2021/08/photo-4-1.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 69783
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 18:04:05 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 18:04:05 GMT
Vary: Accept-Encoding
X-Varnish: 76925738 76119409
Age: 1663
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630&ct=1
216.152.143.240 200 OK 75 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/photo-6-1.jpg?w=420&h=630&ct=1
IP 216.152.143.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 420x630, components 3\012- data
Hash 6d24dbcbceca6403670bbcba5e6a93c6
95472cfee45aa20a4dc28e790ddbf1deca8d496a
580d3f257d6c81d42af0324e1dd67353cd333a5464eed646495c7357057e7426
GET /files/2021/08/photo-6-1.jpg?w=420&h=630&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/jpeg
Content-Length: 74821
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 17:28:49 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 17:28:49 GMT
Vary: Accept-Encoding
X-Varnish: 73304378 72114950
Age: 3778
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/leftcev.png
216.152.143.240 200 OK 50 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/leftcev.png
IP 216.152.143.240:0
File type PNG image data, 601 x 351, 8-bit colormap, non-interlaced\012- data
Hash cd70395d31ef8ab4cbdc7c36ff756769
3975cb835f44b616af84477f40de8bb734447c40
1ec7acfb8cafb1680154f0a73c5b9949eef4978eed69f6f9f21ec3fe91e483ce
GET /files/2021/08/leftcev.png HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 50493
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2021 15:59:00 GMT
ETag: "7afd0d12b2b735c2c92c42a4ec77cd2b"
Expires: Sat, 22 Nov 2025 00:43:18 GMT
Vary: Accept-Encoding
X-Varnish: 73304384 68874851
Age: 12910
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/
216.152.143.240 200 OK 7.8 kB IP 216.152.143.240:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1108), with CRLF, LF line terminators
Hash f9cedec3650a1c6404cb1296bd86434e
f465e66cfcb8252d73da229cd56e322b43ab8f74
7ecad5d64bb70ca82e97e749d000586cd2c6927ec59fb7843a72609eedc96fbb
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Connection: keep-alive
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7822
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 73024706 73187957
Age: 549
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
sullivanpaintinginc.com/files/2021/08/leftcev.png?w=720&h=NaN&ct=1
216.152.143.240 200 OK 364 kB URL HTTP/1.1 sullivanpaintinginc.com/files/2021/08/leftcev.png?w=720&h=NaN&ct=1
IP 216.152.143.240:0
File type PNG image data, 720 x 420, 8-bit/color RGBA, non-interlaced\012- data
Size 364 kB (363860 bytes)
Hash 7c0c58c19a31d93e6dc4384d53bd6388
cfce4a9c71536775974c3d473a5c998cb3eaec5c
9a356ee5800cc5ce323e99f784c39057cfc5444d2f9c9aa53e62d79b353da49b
GET /files/2021/08/leftcev.png?w=720&h=NaN&ct=1 HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/png
Content-Length: 363860
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 15:21:16 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Sat, 01 Oct 2022 15:21:16 GMT
Vary: Accept-Encoding
X-Varnish: 72447505 70539428
Age: 11432
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c7b623b7bcd37d436886346d495f9577
eb5688f0df28fa33b202e78d916e35387178636d
74037773d23c4426c3717e239e9dc228904f9cc8b8f084c655e26dcd9e345a96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
216.58.207.200 200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 216.58.207.200:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Wed, 21 Sep 2022 18:17:11 GMT
expires: Wed, 21 Sep 2022 20:17:11 GMT
cache-control: public, max-age=7200
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
age: 877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=428711150&utmhn=sullivanpaintinginc.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sullivan%20Commercial%20Painting%20%7C%20Commercial%20Painting%20Company%20in%20Boston%2C%20MA%20%26%20St%20Petersburg%2C%20FL&utmhid=12515549&utmr=-&utmp=%2F%3Futm_medium%3Demail%26utm_source%3DEmailMarketing%26utm_campaign%3D2nd%2Bfollow%2Bup%2Bto%2Bnon%2Bopeners%2Bmerge%2Bcampaign&utmht=1663785108714&utmac=UA-26792682-1&utmdid=i9k95&utmcc=__utma%3D107688448.1560464710.1663776819.1663776819.1663785109.2%3B%2B__utmz%3D107688448.1663785109.2.1.utmcsr%3DEmailMarketing%7Cutmccn%3D2nd%2520follow%2520up%2520to%2520non%2520openers%2520merge%2520campaign%7Cutmcmd%3Demail%3B&utmjid=&utmmt=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~
216.58.207.200 200 OK 35 B URL HTTP/2 ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=428711150&utmhn=sullivanpaintinginc.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sullivan%20Commercial%20Painting%20%7C%20Commercial%20Painting%20Company%20in%20Boston%2C%20MA%20%26%20St%20Petersburg%2C%20FL&utmhid=12515549&utmr=-&utmp=%2F%3Futm_medium%3Demail%26utm_source%3DEmailMarketing%26utm_campaign%3D2nd%2Bfollow%2Bup%2Bto%2Bnon%2Bopeners%2Bmerge%2Bcampaign&utmht=1663785108714&utmac=UA-26792682-1&utmdid=i9k95&utmcc=__utma%3D107688448.1560464710.1663776819.1663776819.1663785109.2%3B%2B__utmz%3D107688448.1663785109.2.1.utmcsr%3DEmailMarketing%7Cutmccn%3D2nd%2520follow%2520up%2520to%2520non%2520openers%2520merge%2520campaign%7Cutmcmd%3Demail%3B&utmjid=&utmmt=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~
IP 216.58.207.200:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=428711150&utmhn=sullivanpaintinginc.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sullivan%20Commercial%20Painting%20%7C%20Commercial%20Painting%20Company%20in%20Boston%2C%20MA%20%26%20St%20Petersburg%2C%20FL&utmhid=12515549&utmr=-&utmp=%2F%3Futm_medium%3Demail%26utm_source%3DEmailMarketing%26utm_campaign%3D2nd%2Bfollow%2Bup%2Bto%2Bnon%2Bopeners%2Bmerge%2Bcampaign&utmht=1663785108714&utmac=UA-26792682-1&utmdid=i9k95&utmcc=__utma%3D107688448.1560464710.1663776819.1663776819.1663785109.2%3B%2B__utmz%3D107688448.1663785109.2.1.utmcsr%3DEmailMarketing%7Cutmccn%3D2nd%2520follow%2520up%2520to%2520non%2520openers%2520merge%2520campaign%7Cutmcmd%3Demail%3B&utmjid=&utmmt=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Wed, 21 Sep 2022 07:14:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 40663
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=695656864&utmhn=sullivanpaintinginc.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sullivan%20Commercial%20Painting%20%7C%20Commercial%20Painting%20Company%20in%20Boston%2C%20MA%20%26%20St%20Petersburg%2C%20FL&utmhid=12515549&utmr=-&utmp=%2F%3Futm_medium%3Demail%26utm_source%3DEmailMarketing%26utm_campaign%3D2nd%2Bfollow%2Bup%2Bto%2Bnon%2Bopeners%2Bmerge%2Bcampaign&utmht=1663785108710&utmac=UA-125783245-121&utmdid=i9k95&utmcc=__utma%3D107688448.1560464710.1663776819.1663776819.1663785109.2%3B%2B__utmz%3D107688448.1663785109.2.1.utmcsr%3DEmailMarketing%7Cutmccn%3D2nd%2520follow%2520up%2520to%2520non%2520openers%2520merge%2520campaign%7Cutmcmd%3Demail%3B&utmjid=464742374&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~
216.58.207.200 200 OK 35 B URL HTTP/2 ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=695656864&utmhn=sullivanpaintinginc.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sullivan%20Commercial%20Painting%20%7C%20Commercial%20Painting%20Company%20in%20Boston%2C%20MA%20%26%20St%20Petersburg%2C%20FL&utmhid=12515549&utmr=-&utmp=%2F%3Futm_medium%3Demail%26utm_source%3DEmailMarketing%26utm_campaign%3D2nd%2Bfollow%2Bup%2Bto%2Bnon%2Bopeners%2Bmerge%2Bcampaign&utmht=1663785108710&utmac=UA-125783245-121&utmdid=i9k95&utmcc=__utma%3D107688448.1560464710.1663776819.1663776819.1663785109.2%3B%2B__utmz%3D107688448.1663785109.2.1.utmcsr%3DEmailMarketing%7Cutmccn%3D2nd%2520follow%2520up%2520to%2520non%2520openers%2520merge%2520campaign%7Cutmcmd%3Demail%3B&utmjid=464742374&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~
IP 216.58.207.200:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=695656864&utmhn=sullivanpaintinginc.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sullivan%20Commercial%20Painting%20%7C%20Commercial%20Painting%20Company%20in%20Boston%2C%20MA%20%26%20St%20Petersburg%2C%20FL&utmhid=12515549&utmr=-&utmp=%2F%3Futm_medium%3Demail%26utm_source%3DEmailMarketing%26utm_campaign%3D2nd%2Bfollow%2Bup%2Bto%2Bnon%2Bopeners%2Bmerge%2Bcampaign&utmht=1663785108710&utmac=UA-125783245-121&utmdid=i9k95&utmcc=__utma%3D107688448.1560464710.1663776819.1663776819.1663785109.2%3B%2B__utmz%3D107688448.1663785109.2.1.utmcsr%3DEmailMarketing%7Cutmccn%3D2nd%2520follow%2520up%2520to%2520non%2520openers%2520merge%2520campaign%7Cutmcmd%3Demail%3B&utmjid=464742374&utmredir=1&utmu=qAAAgAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Wed, 21 Sep 2022 18:31:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sullivanpaintinginc.com/cms_websites/img/tsm-favicon.ico
216.152.143.240 200 OK 32 kB URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/img/tsm-favicon.ico
IP 216.152.143.240:0
File type MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash c7f1c4f34424d5247f9a2a24f3e2372c
247102bcd8a2a36f1dfa16a652002ade82ffa1b0
ed829bc8a78f82c88e5d0bcfb368a9f714b6c758b0354b057f9e083dfa4ddd6b
Analyzer Verdict Alert fortinet Phishing
GET /cms_websites/img/tsm-favicon.ico HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/?utm_medium=email&utm_source=EmailMarketing&utm_campaign=2nd+follow+up+to+non+openers+merge+campaign
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663776819.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 32038
Connection: keep-alive
Last-Modified: Fri, 27 Sep 2019 00:16:11 GMT
ETag: "7d26-5937dcb170617"
Vary: Accept-Encoding
X-Varnish: 73304408 70818651
Age: 11704
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c7b623b7bcd37d436886346d495f9577
eb5688f0df28fa33b202e78d916e35387178636d
74037773d23c4426c3717e239e9dc228904f9cc8b8f084c655e26dcd9e345a96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 18:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/bkgs/ajax-loader.gif
216.152.143.240 302 Found 0 B URL HTTP/1.1 sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/bkgs/ajax-loader.gif
IP 216.152.143.240:0
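Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of empty input: the 302 response carried a 0-byte body, so they match any empty response and do not identify this resource.)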
GET /cms_websites/css/dist/beacon-theme_charlotte/bkgs/ajax-loader.gif HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663785109.2; __utmb=107688448.2.10.1663785109; __utmc=107688448; __utmz=107688448.1663785109.2.1.utmcsr=EmailMarketing|utmccn=2nd%20follow%20up%20to%20non%20openers%20merge%20campaign|utmcmd=email; __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 21 Sep 2022 18:31:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://sullivanpaintinginc.com
Vary: Accept-Encoding
X-Varnish: 72930565 70984648
Age: 9930
Via: 1.1 varnish (Varnish/5.2)
sullivanpaintinginc.com/
216.152.143.240 200 OK 7.8 kB IP 216.152.143.240:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1108), with CRLF, LF line terminators
Hash f9cedec3650a1c6404cb1296bd86434e
f465e66cfcb8252d73da229cd56e322b43ab8f74
7ecad5d64bb70ca82e97e749d000586cd2c6927ec59fb7843a72609eedc96fbb
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: sullivanpaintinginc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sullivanpaintinginc.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Connection: keep-alive
Cookie: __utma=107688448.1560464710.1663776819.1663776819.1663785109.2; __utmb=107688448.2.10.1663785109; __utmc=107688448; __utmz=107688448.1663785109.2.1.utmcsr=EmailMarketing|utmccn=2nd%20follow%20up%20to%20non%20openers%20merge%20campaign|utmcmd=email; __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 18:31:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7822
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 77022757 76880399
Age: 947
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92f202bddcfee6efac41bcc25be5745
9d297544318ff34f839678d8b358290ab6bd62a8
f471aaff7c08c60905cff5b1c9d4b669a3179574493d23d27e681110688af6b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: 69e8f4d4-2360-4124-a9e9-9cce3dd43da7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0NWEgmIAMFusQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a33ee-0f4861c226117d70664b8612;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kj4FQUvvo13Yrwu_bKqee64IMn6X0UXlOJQ3fh40qejOi-3dtCrEYg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:55:57 GMT
age: 74156
etag: "9d297544318ff34f839678d8b358290ab6bd62a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19a7100-8d4f-4c0a-8865-191670cb2db4.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19a7100-8d4f-4c0a-8865-191670cb2db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c4ba493d60a12accc1dc9c3299fa01d
65886e11d9f792452cceea23444722ff4028b081
b287b0bf2b3dc834a657dc98a9eef006577554306fa481bbc9de5a16943129f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19a7100-8d4f-4c0a-8865-191670cb2db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6667
x-amzn-requestid: 1798057c-208d-471e-8d5c-602631418afd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1nHvsoAMF23A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-121c21f710767cde77a06945;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vdjC0dj8L5qN-SdmlBD_TD0T0hdFtWzmnC9_AdJVP5qTi9dWz6_K9g==
via: 1.1 e71753cf85369390852fdcb22bf59aa8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:40:13 GMT
age: 75101
etag: "65886e11d9f792452cceea23444722ff4028b081"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2