www.inky.com Open in urlscan Pro
199.60.103.254 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&...
Submission Tags: falconsandbox
Submission: On January 06 via api (January 6th 2021, 4:03:01 pm UTC) from US

Summary HTTP 98 Redirects Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 28 domains to perform 98 HTTP transactions. The main IP is 199.60.103.254, located in Canada and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.inky.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2020. Valid for: a year.

This is the only time www.inky.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:f2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	24.173.150.18 24.173.150.18	33363 (BHN-33363) (BHN-33363)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:10c... 2a02:26f0:10c:58e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.139.243.18 151.139.243.18	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
1	52.205.51.47 52.205.51.47	14618 (AMAZON-AES) (AMAZON-AES)
5	34.233.235.75 34.233.235.75	14618 (AMAZON-AES) (AMAZON-AES)
1	163.171.132.119 163.171.132.119	54994 (QUANTILNE...) (QUANTILNETWORKS)
1 5	104.111.214.206 104.111.214.206	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:83ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	206.19.49.24 206.19.49.24	7018 (ATT-INTER...) (ATT-INTERNET4)
1 1	54.74.23.153 54.74.23.153	16509 (AMAZON-02) (AMAZON-02)
1	54.78.251.22 54.78.251.22	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.203.70.43 18.203.70.43	16509 (AMAZON-02) (AMAZON-02)
1	65.9.7.43 65.9.7.43	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	52.200.34.95 52.200.34.95	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
4	52.212.74.79 52.212.74.79	16509 (AMAZON-02) (AMAZON-02)
98	36

15 199.60.103.254 (Canada)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.inky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:f2cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 24.173.150.18 (Inverness, United States)

ASN33363 (BHN-33363, US)
PTR: rrcs-24-173-150-18.se.biz.rr.com

api.contentengine.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:58e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.243.18 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cdns.canddi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.51.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-51-47.compute-1.amazonaws.com

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.233.235.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-235-75.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.132.119 (Germany)

ASN54994 (QUANTILNETWORKS, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.214.206 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-206.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:83ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.24 (United States)

ASN7018 (ATT-INTERNET4, US)

apt.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.23.153 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-23-153.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.251.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-251-22.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.70.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-70-43.eu-west-1.compute.amazonaws.com

i.canddi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.43 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.canddi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.34.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-34-95.compute-1.amazonaws.com

nextroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.212.74.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-74-79.eu-west-1.compute.amazonaws.com

s.canddi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	contentengine.net api.contentengine.net	273 KB
15	inky.com www.inky.com	229 KB
6	adroll.com 1 redirects s.adroll.com d.adroll.com	71 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	76 KB
5	canddi.io cdn.canddi.io s.canddi.io	70 KB
5	stackadapt.com tags.srv.stackadapt.com	7 KB
5	hubspot.com app.hubspot.com forms.hubspot.com track.hubspot.com	1 KB
4	google.de www.google.de	487 B
4	crazyegg.com script.crazyegg.com	36 KB
3	google.com www.google.com	304 B
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	3 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	1 KB
3	canddi.com cdns.canddi.com i.canddi.com	35 KB
3	googletagmanager.com www.googletagmanager.com	127 KB
3	hubspot.net cdn2.hubspot.net	4 KB
2	techtarget.com trk.techtarget.com apt.techtarget.com	3 KB
2	googleadservices.com 1 redirects www.googleadservices.com	13 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	fontawesome.com use.fontawesome.com	87 KB
1	nextroll.com nextroll.com	2 KB
1	hsforms.com forms.hsforms.com	525 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	hs-analytics.net js.hs-analytics.net	18 KB
1	hscollectedforms.net js.hscollectedforms.net	25 KB
1	hs-banner.com js.hs-banner.com	13 KB
1	callrail.com cdn.callrail.com	312 B
1	licdn.com snap.licdn.com	2 KB
1	googleapis.com fonts.googleapis.com	644 B
98	28

	Domain	Requested by
18	api.contentengine.net	www.inky.com api.contentengine.net
15	www.inky.com	www.inky.com cdns.canddi.com
5	s.adroll.com	1 redirects www.googletagmanager.com www.inky.com s.adroll.com
5	tags.srv.stackadapt.com	www.inky.com tags.srv.stackadapt.com
4	s.canddi.io	cdns.canddi.com
4	www.google.de	www.inky.com
4	fonts.gstatic.com	fonts.googleapis.com
4	script.crazyegg.com	www.inky.com www.googletagmanager.com script.crazyegg.com
3	track.hubspot.com
3	www.google.com	www.inky.com
3	www.googletagmanager.com	www.inky.com www.googletagmanager.com
3	cdn2.hubspot.net	www.inky.com
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	i.canddi.com	cdns.canddi.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	px.ads.linkedin.com	1 redirects www.inky.com
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	use.fontawesome.com	www.inky.com use.fontawesome.com
1	nextroll.com	www.inky.com
1	cdn.canddi.io	cdns.canddi.com
1	forms.hsforms.com	www.inky.com
1	d.adroll.com	www.inky.com
1	d.adroll.mgr.consensu.org	1 redirects
1	apt.techtarget.com	www.inky.com
1	forms.hubspot.com	js.hscollectedforms.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	js.hs-analytics.net	www.inky.com
1	js.hscollectedforms.net	www.inky.com
1	js.hs-banner.com	www.inky.com
1	trk.techtarget.com	www.inky.com
1	cdn.callrail.com	www.googletagmanager.com
1	cdns.canddi.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	app.hubspot.com	www.inky.com
1	fonts.googleapis.com	www.inky.com
98	37

This site contains no links.

Subject Issuer	Validity	Valid
www.inky.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
*.contentengine.net Sectigo RSA Domain Validation Secure Server CA	`2019-08-06` - `2021-08-05`	2 years	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
cdns.canddi.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-09` - `2021-10-11`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
cdn.callrail.com Amazon	`2020-04-24` - `2021-05-24`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2020-12-09` - `2022-01-07`	a year	crt.sh
trk.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-17` - `2022-05-17`	2 years	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-25` - `2021-10-24`	2 years	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
i.canddi.com Amazon	`2020-03-10` - `2021-04-10`	a year	crt.sh
cdn.canddi.io Amazon	`2020-04-29` - `2021-05-29`	a year	crt.sh
nextroll.com Let's Encrypt Authority X3	`2020-11-20` - `2021-02-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
s.canddi.io Amazon	`2020-02-25` - `2021-03-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Frame ID: 9A98D4A7F259C8BF050BCF016B112840
Requests: 98 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

98
Requests

100 %
HTTPS

58 %
IPv6

28
Domains

37
Subdomains

36
IPs

7
Countries

1112 kB
Transfer

3006 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2665292&time=1609948931449&url=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%40homedepot.com%26cfn%3Dundefined%26cln%3Dundefined%26cc%3Dundefined%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2665292%26time%3D1609948931449%26url%3Dhttps%253A%252F%252Fwww.inky.com%252Fphishing%253Fce%253Dmichael_p_merritt%2540homedepot.com%2526cfn%253Dundefined%2526cln%253Dundefined%2526cc%253Dundefined%2526utm_campaign%253Dprosdata%2526utm_medium%253DEmail%2526utm_source%253DSG%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2665292&time=1609948931449&url=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%40homedepot.com%26cfn%3Dundefined%26cln%3Dundefined%26cc%3Dundefined%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG&liSync=true

Request Chain 55

https://s.adroll.com/j/exp/VE72WIA6JJAITAM4PZOSV5/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 57

https://d.adroll.mgr.consensu.org/consent/iabcheck/VE72WIA6JJAITAM4PZOSV5?_s=ed2d0d7b1558a1d812b065262517b50f&_b=2 HTTP 302
https://d.adroll.com/consent/check/VE72WIA6JJAITAM4PZOSV5/?_s=ed2d0d7b1558a1d812b065262517b50f&_b=2

Request Chain 67

https://www.googleadservices.com/pagead/conversion/829684701/wcm?cc=ZZ&dn=18337274659&cl=KSYMCJfT_oYBEN33z4sD&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18337274659&cl=KSYMCJfT_oYBEN33z4sD

98 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request phishing Show response
www.inky.com/ 34 KB
9 KB 155ms
76ms Document
text/html 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

d3147e727616c1f0d39af9d724299424a6c1ead8fef0f819563d43ecdf16bf57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0

Request headers

:method: GET
:authority: www.inky.com
:scheme: https
:path: /phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:10 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d765c95ff9cd951167f918f13ca22f4c71609948930; expires=Fri, 05-Feb-21 16:02:10 GMT; path=/; domain=.www.inky.com; HttpOnly; SameSite=Lax __cfruid=28b261f561ef8a65521cd7dc35ca3415a9a14c5a-1609948930; path=/; domain=.www.inky.com; HttpOnly; Secure; SameSite=None
cache-control: s-maxage=10800, max-age=0
etag: W/"7e24a98ab8e17a5549e7325dc8e355a5"
last-modified: Sat, 02 Jan 2021 12:41:55 GMT
link: </hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.27/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script,</hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js>; rel=preload; as=script
strict-transport-security: max-age=0
cf-cache-status: HIT
cache-tag: CT-37361548429,P-4660171,L-14051610652,W-1572273058050,W-1605043374820,W-1606162864966,CW-14051298452,CW-14051608974,CW-14051610622,CW-14051831234,CW-14053561210,E-14049870587,E-14051298449,E-14051610620,E-14051612624,MENU-14453099107,MENU-14457366646,MENU-14457366733,MENU-14457367717,PGS-ALL,SW-2
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-37361548429,P-4660171,L-14051610652,W-1572273058050,W-1605043374820,W-1606162864966,CW-14051298452,CW-14051608974,CW-14051610622,CW-14051831234,CW-14053561210,E-14049870587,E-14051298449,E-14051610620,E-14051612624,MENU-14453099107,MENU-14457366646,MENU-14457366733,MENU-14457367717,PGS-ALL,SW-2
referrer-policy: no-referrer-when-downgrade
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-combine-css: Disabled
x-hs-content-id: 37361548429
x-hs-hub-id: 4660171
x-powered-by: HubSpot
cf-request-id: 077a08393a000010eb7a9f2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 60d6a96ecbc310eb-CPH
content-encoding: br
cf-h2-pushed: </hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>,</hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js>,</hs/hsstatic/cos-i18n/static-1.27/bundles/project.js>,</_hcms/forms/v2.js>,</hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js>

GET
H2 200 project.js Show response
www.inky.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
916 B 9ms
0ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inky.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:10 GMT
via: 1.1 85813c3d382dcae0aa1651f8f6eac244.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 919917
x-amz-server-side-encryption: AES256
cf-ray: 60d6a96f1caa10eb-CPH
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 077a083971000010eb9cbbb000000001
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
cache-control: public, max-age=31536000
x-amz-cf-pop: CPH50-C1
content-type: application/javascript
x-amz-cf-id: uujWJIOAdvg-6C5HArh0RRgOZ4FSr8XcXQJivlPWiWR6nfLdfo8HRQ==
expires: Thu, 06 Jan 2022 16:02:10 GMT

GET
H2 200 jquery-1.7.1.js Show response
www.inky.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 92 KB
32 KB 13ms
0ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inky.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:10 GMT
via: 1.1 a2a09a958c847f4f89925c7be20e044e.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 995370
cf-ray: 60d6a96f1cab10eb-CPH
x-cache: Miss from cloudfront
content-encoding: br
cf-request-id: 077a083972000010eb671f7000000001
last-modified: Tue, 25 Nov 2014 17:03:30 GMT
server: cloudflare
etag: W/"ddb84c1587287b2df08966081ef063bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: null
cache-control: public, max-age=31536000
x-amz-cf-pop: ARN53
content-type: application/javascript
x-amz-cf-id: 3wodEre9-y2z2rsPYjt5kMFjMNtaRGyTtYMwYbztmf5jPflaqUh7XA==
expires: Thu, 06 Jan 2022 16:02:10 GMT

GET
H2 200 project.js Show response
www.inky.com/hs/hsstatic/cos-i18n/static-1.27/bundles/ 1 KB
953 B 14ms
0ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inky.com/hs/hsstatic/cos-i18n/static-1.27/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3f99c65ea3d6186991a21add80eeea6d79500fcb3c9d8263680e0de270e0753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:10 GMT
via: 1.1 208ed8b46a45d58d14b6e0be1aab3dad.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 1006896
x-amz-server-side-encryption: AES256
cf-ray: 60d6a96f1cac10eb-CPH
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 077a083972000010eb691a3000000001
last-modified: Wed, 19 Aug 2020 22:31:39 GMT
server: cloudflare
etag: W/"d0cd32f08bf823a0389da03beed61887"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: 2tzxWhBqhFrbWNOKYsoHIauxtaBoTuuO
cache-control: public, max-age=31536000
x-amz-cf-pop: ARN1-C1
content-type: application/javascript
x-amz-cf-id: twCQxnn2nj_kP6GbrmHQ0I_MbYhJPjAZHWw1nkngpU6horfVtOs2Gg==
expires: Thu, 06 Jan 2022 16:02:10 GMT

GET
H2 200 v2.js Show response
www.inky.com/_hcms/forms/ 519 KB
126 KB 32ms
0ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inky.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

057839035b660b390bcd2dc55ef31b6395fb51eeb55ede9e03139b6b27c9df93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:10 GMT
via: 1.1 600860a2fda807ac628822c14b5de861.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 586
x-amz-server-side-encryption: AES256
cf-ray: 60d6a96f1cad10eb-CPH
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 077a083972000010eb68974000000001
last-modified: Thu, 17 Dec 2020 10:00:31 UTC
server: cloudflare
etag: W/"78f37d42d5b121877beb45ea572c1039"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: mdp96hLjDPnkrUpuKzRsu.TiWTgbsFrM
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Wmz18lC3vUwIOZCzRN1gL8ZO_9OpSSsYb_AR36FOha3nWfpBXxP-ng==

GET
H2 200 index.js Show response
www.inky.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/ 10 KB
4 KB 12ms
0ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inky.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd3eb59038a5df086653388d9394fed2f2f1d72d9c01cfdc4920247a9d371e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:10 GMT
via: 1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 1000489
x-amz-server-side-encryption: AES256
cf-ray: 60d6a96f1cae10eb-CPH
x-cache: Miss from cloudfront
x-amz-replication-status: PENDING
content-encoding: br
cf-request-id: 077a083972000010eb6abfc000000001
last-modified: Mon, 14 Sep 2020 20:19:23 GMT
server: cloudflare
etag: W/"e669ca94e2fffafc96a88184dda30834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: RcBG9DPSu_6ZVzKnktPJ4cTzKi_y_4VM
cache-control: public, max-age=31536000
x-amz-cf-pop: HEL50-C1
content-type: application/javascript
x-amz-cf-id: liEfgAsnkxUWyX9I-aveexQ-1LbaHqTZzmwVnmPnvapodMM11HJDjQ==
expires: Thu, 06 Jan 2022 16:02:10 GMT

GET
H2 200 mjfw_styles.min.css
www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/14049870587/1595016329689/Custom/page/mjfw/ 130 KB
20 KB 59ms
58ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/14049870587/1595016329689/Custom/page/mjfw/mjfw_styles.min.css
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26ce172b9968fcd715ec9caced0c928f8818a4a2d65bbdc21ce177c996a5275b

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:10 GMT
via: 1.1 88b63cb2f8aab28c7291262ffc15282f.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD89-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
x-amz-request-id: 7F472DE4E341EFFC
x-amz-id-2: ryqRDmmB5iUh5NP5zinB+8lf93gmyfLpTYHArGgw1HiHuF0n7osdq4YLvq8QRFRZiG/MAVi+HZg=
last-modified: Fri, 17 Jul 2020 20:05:30 GMT
server: cloudflare
etag: W/"90f39eb077b20393b58ad2ebf6738faf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1595016329689
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: kViomeWRUhnPRoG2Wx0k6xsL9rvgNlDq
cf-request-id: 077a08398a000010eb65bbf000000001
cf-ray: 60d6a96f4cec10eb-CPH
x-amz-cf-id: bEkz99vUGc5O7qyUJVE1PwoPE7aXfyzG9rxXxMKTD1_EdRa0Oct__g==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 410 5986.js
script.crazyegg.com/pages/scripts/0078/ 0
0 30ms
15ms Script
application/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0078/5986.js
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
cf-cache-status: HIT
last-modified: Wed, 06 Jan 2021 13:04:18 GMT
server: cloudflare
age: 10673
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 60d6a9740eca0614-FRA
content-length: 0
cf-request-id: 077a083c83000006148fa00000000001

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1608583171829/hubspot/hubspot_default/shared/responsive/ 5 KB
2 KB 54ms
38ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1608583171829/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 1365581
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
cf-request-id: 077a08399100002bb91ba5c000000001
last-modified: Mon, 21 Dec 2020 20:39:32 GMT
server: cloudflare
etag: W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1608583171829
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-C1
cf-ray: 60d6a96f4b492bb9-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H/1.1 200
OK evt_content_engine.css
api.contentengine.net/css/ 2 KB
898 B 742ms
149ms Stylesheet
text/css 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to

Full URL: https://api.contentengine.net/css/evt_content_engine.css
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash: 3e4708fc1f7842d6481ad0a9863c146671349cba513319cd3202b6c47aebf7df

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 May 2020 21:34:53 GMT
Server: Apache/2.4.46 (Ubuntu)
ETag: "69a-5a6e4551207dd-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 562

GET
H/1.1 200
OK evt_content_engine.js Show response
api.contentengine.net/js/ 4 KB
2 KB 755ms
148ms Script
application/javascript 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to

Full URL: https://api.contentengine.net/js/evt_content_engine.js
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash: cea0e07753d8fa388dc1883da9e072af5c3fb47c848112db858bd2f663e60478

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Oct 2018 19:15:03 GMT
Server: Apache/2.4.46 (Ubuntu)
ETag: "11fe-578fe4da15bc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1554

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
14 KB 98ms
31ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Origin: https://www.inky.com
Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:10 GMT
content-encoding: gzip
last-modified: Thu, 21 Mar 2019 21:31:35 GMT
server: NetDNA-cache/2.2
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 logo-on-light.svg
www.inky.com/hubfs/mjfw/logos/ 3 KB
2 KB 37ms
36ms Image
image/svg+xml 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.inky.com/hubfs/mjfw/logos/logo-on-light.svg
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ac089f5f1fe40dc6f4279ed44a86244800edf020b5f5add666467ec026fbddf

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
via: 1.1 d2344bac503cfadf51884e9930680ffe.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-16962397085,FD-16938974358,P-4660171,FLS-ALL
age: 861587
edge-cache-tag: F-16962397085,FD-16938974358,P-4660171,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
x-amz-request-id: FB21C903FEEC299B
cf-request-id: 077a083c82000010eba809e000000001
x-amz-id-2: YoKgZgC2Cji/uhwdHqucuXrVpD5FPQagWXJLOwXl/AkoO4x9Hvy8VVi+EvWnMlZF4A0RvaWcqL0=
last-modified: Thu, 03 Oct 2019 14:22:49 GMT
server: cloudflare
etag: W/"327d2b8dd7e69df5e6aca1f4bbde475a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: bZ9bSBaVVlbilrmPxinDr1_TYLe0TbBS
x-amz-cf-pop: ARN1-C1
cf-ray: 60d6a974089e10eb-CPH
x-amz-cf-id: 3sUwrQJTaFmwivuNEIbaToYkv7x-p6A9gPCJhlLXoeuol3_EHSoz_A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 logo-on-dark.svg
www.inky.com/hubfs/mjfw/logos/ 3 KB
2 KB 37ms
35ms Image
image/svg+xml 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.inky.com/hubfs/mjfw/logos/logo-on-dark.svg
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5066eb8c5e597263405f571bf0e8ae80bab9fbe2322c2f95f0b8d76e3b1a8ca8

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
via: 1.1 0c7df46428c45dd75d01d31cc57c5d23.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-16962397087,FD-16938974358,P-4660171,FLS-ALL
age: 199587
edge-cache-tag: F-16962397087,FD-16938974358,P-4660171,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
x-amz-request-id: 731F5924D49124D4
cf-request-id: 077a083c83000010eb66188000000001
x-amz-id-2: e9JiTGEYpU+luFY+w+HLY94DJpZAVQ6Tw2V1zF44t9dsa560+PaFj3PfyNaVODCh+Yo2XABrFD8=
last-modified: Thu, 03 Oct 2019 14:22:49 GMT
server: cloudflare
etag: W/"d1870bfd5cc0c5ad3601986369a45cd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: BIZeU1B5ZsrfaGrz7w03QzzBrmvLk2XL
x-amz-cf-pop: HEL50-C1
cf-ray: 60d6a974089f10eb-CPH
x-amz-cf-id: 582-2Zrh_v10hAp0-kEig324GmvmLjP6E1llsoXAKWUBpmoZdGTm4A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 Inky-Logo.svg
www.inky.com/hubfs/Image%20Assets/ 7 KB
3 KB 45ms
44ms Image
image/svg+xml 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.inky.com/hubfs/Image%20Assets/Inky-Logo.svg
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 564970ca3723a64d7b53f0013336ac0c9ce98095092b146db1d3e715af9d1bff

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
via: 1.1 71f46d2cc0b2c2e933cd6222e921feed.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-13284613313,FD-6467782979,P-4660171,FLS-ALL
age: 1545593
edge-cache-tag: F-13284613313,FD-6467782979,P-4660171,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
x-amz-request-id: AM6X1J2N2H6G1HAJ
cf-request-id: 077a083c83000010eb6ba25000000001
x-amz-id-2: BOtNGhLe/ggVLO2oepe8r5nvsOKjnEVkNOeGERTy9oKpyaaZK1bFZT1wrvW4Pu3DoaqxCtGgpUY=
last-modified: Fri, 13 Sep 2019 16:44:41 GMT
server: cloudflare
etag: W/"9b543ca17e2d8e55c271a5b4e68e694f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: SGKckX83Adno1czoPeDlKlvhkAqADBY.
x-amz-cf-pop: CPH50-C2
cf-ray: 60d6a97408a010eb-CPH
x-amz-cf-id: z8TkJK9xojTMx2JdqqPGyXus2cAwdW4Uq_wR1uUHuhSUYFXQcV0VdQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 mjfw_main.js
www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/14051612624/1572376088401/Custom/page/mjfw/ 92 KB
25 KB 61ms
61ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/14051612624/1572376088401/Custom/page/mjfw/mjfw_main.js
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
via: 1.1 824fe21e467658628899bdd8725649ee.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD89-C1
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
x-amz-request-id: DD6F3A42B0D57A35
x-amz-id-2: eKiyNot3bCLtx2W6/YOW5aVTz8U+hCwBtemUZ64mp52kHPmWiZaeXlYS9f8xpBJzwfQQKRnq6OQ=
last-modified: Tue, 29 Oct 2019 19:08:09 GMT
server: cloudflare
etag: W/"375e2190fe820eaa8ab7362d6f8f2aaf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: TRCPQe6eZnrUOwBjBcRV8Ert_Gyf_I9Y
cf-request-id: 077a083c71000010eb9226c000000001
cf-ray: 60d6a973e85d10eb-CPH
x-amz-cf-id: 2cuCH2-YYE3h5GEk1qBoQYxlTn_-V7TMOKMQd4qiBZkcBxx7QhSIhQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 4660171.js
www.inky.com/hs/scriptloader/ 1 KB
652 B 177ms
176ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inky.com/hs/scriptloader/4660171.js
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2B97067EB59F73EE64CCCEF4F450314E411B3A78CB000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 60d6a97408a110eb-CPH
cf-request-id: 077a083c83000010ebb4b2c000000001
expires: Wed, 06 Jan 2021 16:03:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
644 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900,900i&display=swap

Requested by

Host: www.inky.com
URL: https://www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/14049870587/1595016329689/Custom/page/mjfw/mjfw_styles.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f6235951e70e222f23f04e7ab2716af75612711053dde2d18c4b6e0268efdbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/14049870587/1595016329689/Custom/page/mjfw/mjfw_styles.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Jan 2021 16:02:10 GMT
server: ESF
date: Wed, 06 Jan 2021 16:02:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Jan 2021 16:02:10 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 135 KB
46 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W38C9T5

Requested by

Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47488
x-xss-protection: 0
last-modified: Wed, 06 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Jan 2021 16:02:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
42 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TG5VWM7

Requested by

Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b938a4510e591606d684712884d57058d12674ec6fd73673f58131479858264

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42437
x-xss-protection: 0
last-modified: Wed, 06 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Jan 2021 16:02:11 GMT

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1608583171829/hubspot/hubspot_default/shared/responsive/ 5 KB
1 KB 29ms
28ms Other
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1608583171829/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 1365582
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
cf-request-id: 077a083c7b00002bb928b14000000001
last-modified: Mon, 21 Dec 2020 20:39:32 GMT
server: cloudflare
etag: W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1608583171829
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-C1
cf-ray: 60d6a973f8eb2bb9-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H/1.1 200
OK api.php
api.contentengine.net/ 28 KB
29 KB 1780ms
450ms XHR
application/json 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to

Full URL: https://api.contentengine.net/api.php?vid=DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D9&images=true&limit=15&days=8&format=json&ref=aHR0cHM6Ly93d3cuaW5reS5jb20vcGhpc2hpbmc/Y2U9bWljaGFlbF9wX21lcnJpdHQlNDBob21lZGVwb3QuY29tJmNmbiZjbG4mY2MmdXRtX2NhbXBhaWduPXByb3NkYXRhJnV0bV9tZWRpdW09RW1haWwmdXRtX3NvdXJjZT1TRw==
Requested by: Host: api.contentengine.net
URL: https://api.contentengine.net/js/evt_content_engine.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:12 GMT
Server: Apache/2.4.46 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

GET
H2 200 b4cfb89a-2056-4f97-8bc0-402eb66e1434
www.inky.com/_hcms/forms/embed/v3/form/4660171/ 9 KB
3 KB 143ms
142ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inky.com/_hcms/forms/embed/v3/form/4660171/b4cfb89a-2056-4f97-8bc0-402eb66e1434?callback=hs_reqwest_0&hutk=

Requested by

Host: www.inky.com
URL: https://www.inky.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2BB7DF0C99E1733652B395CD3B0E3885123250E0FC000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
content-disposition: attachment; filename=no-rfd.txt
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 60d6a974391d10eb-CPH
cf-request-id: 077a083ca3000010eb9db52000000001

GET
H2 200 InkyBGBlobBlue-01.svg
cdn2.hubspot.net/hubfs/4660171/Image%20Assets/ 944 B
1 KB 27ms
27ms Image
image/svg+xml 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/4660171/Image%20Assets/InkyBGBlobBlue-01.svg
Requested by: Host: www.inky.com
URL: https://www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/14049870587/1595016329689/Custom/page/mjfw/mjfw_styles.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a586df7d6736113cad2bd970e7baa94faf93d3ac149860a6dbe96d8ef63d49c7

Request headers

Referer: https://www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/14049870587/1595016329689/Custom/page/mjfw/mjfw_styles.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-13282694110,FD-6467782979,P-4660171,FLS-ALL
age: 34814
edge-cache-tag: F-13282694110,FD-6467782979,P-4660171,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
x-amz-request-id: D91B3422D674E25D
cf-request-id: 077a083ca000002bb96d2bd000000001
x-amz-id-2: nHrA50HFtsl08Dk+X3e3wFPteg2nB2l2+sWNVrQ0w+TdlSRwXcg+EF5xj8SrM7WbxL5437h7LvA=
last-modified: Fri, 13 Sep 2019 16:44:41 GMT
server: cloudflare
etag: W/"c7abb6c51e0913eb1854bbf123465987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: Hl.88FjQI6nIpb_38wvrM3WykQcHcctd
x-amz-cf-pop: DUS51-C1
cf-ray: 60d6a97439942bb9-FRA
x-amz-cf-id: ZGQT1I_MGWHb3Fq4cjP5nodCAhUux85fWD8v-J8bT-0aPZxbdbsdvQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 Blog%20Image%20Template.png
www.inky.com/hubfs/ 52 B
762 B 52ms
52ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.inky.com/hubfs/Blog%20Image%20Template.png
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 862e6c27e52dc72874efc233514939db440a5859c36f89f409b9b5a2d28bd56c

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
via: 1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-6303786106,P-4660171,FLS-ALL
x-amz-cf-pop: HEL50-C2
cf-polished: origFmt=png, origSize=1321
edge-cache-tag: F-6303786106,P-4660171,FLS-ALL
content-disposition: inline; filename="Blog%20Image%20Template.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 2Z6M5N4Z2P3N1X7W
cf-request-id: 077a083ca9000010ebc1968000000001
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Tue, 09 Oct 2018 19:09:16 GMT
server: cloudflare
etag: "57b805f263d8580560c5f42d72054d09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
x-amz-id-2: Myswgghdnq6+Va8Z7FLRrMxhuG5uDllOKj5maOSjMYjEtLDorXZ5WGq5mb2OhT7ryz1IjIldK1w=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: t0PuVXXPiqjqmMofi7jtx2e9kMfQdg3i
content-length: 52
cf-ray: 60d6a974493a10eb-CPH
x-amz-cf-id: 8X-3wL46w6kv0ktp1YGKIvUTMY-hIbWuzwmgpSCYOD7gPxgVZc4hLg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.inky.com
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900,900i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 06:27:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 466461
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Sat, 01 Jan 2022 06:27:50 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 13 KB
14 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.inky.com
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900,900i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 03:44:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
age: 476248
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13732
x-xss-protection: 0
expires: Sat, 01 Jan 2022 03:44:43 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.inky.com
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900,900i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:04:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 597477
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Thu, 30 Dec 2021 18:04:14 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.inky.com
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900,900i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 21:09:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 499983
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
expires: Fri, 31 Dec 2021 21:09:08 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 73 KB
73 KB 2036ms
43ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash

Request headers

Origin: https://www.inky.com
Referer: https://use.fontawesome.com/releases/v5.8.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:13 GMT
last-modified: Thu, 21 Mar 2019 21:32:11 GMT
server: NetDNA-cache/2.2
etag: "5e2f92123d241cabecf0b289b9b08d4a"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 74768

GET
H2 204 has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
249 B 120ms
119ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=4660171&callback=jsonpHandler

Requested by

Host: www.inky.com
URL: https://www.inky.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2BE372248B212C97BE045C7B13E96AA268D62B89EF000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=0
access-control-allow-credentials: false
cf-ray: 60d6a9753fce9710-FRA
cf-request-id: 077a083d46000097100a026000000001

GET
H/1.1 200
OK insight.min.js
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 11ms
10ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG5VWM7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=14511
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 d57d941c56ae95b874e95340beb17c30.js
cdns.canddi.com/p/ 86 KB
34 KB 421ms
347ms Script
application/javascript 151.139.243.18
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.canddi.com/p/d57d941c56ae95b874e95340beb17c30.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG5VWM7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.243.18 Dallas, United States, ASN33438 (HIGHWINDS2, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: gzip
last-modified: Wed, 06 Jan 2021 16:02:11 GMT
server: nginx
vary: Accept-Encoding, Accept
x-cache: MISS
p3p: policyref="https://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
cache-control: max-age=1800, public
x-server: dashboard-api-nginx-deployment-6c49cd9c7c-rppth
strict-transport-security: max-age=15724800
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 06 Jan 2021 16:32:11 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W38C9T5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1830
date: Wed, 06 Jan 2021 15:31:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 06 Jan 2021 17:31:41 GMT

GET
H2 200 conversion_async.js
www.googleadservices.com/pagead/ 30 KB
12 KB 54ms
54ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W38C9T5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 06 Jan 2021 16:02:11 GMT

GET
H2 200 2077.js
script.crazyegg.com/pages/scripts/0089/ 3 KB
1 KB 13ms
13ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0089/2077.js?447208
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W38C9T5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4230
cf-polished: origSize=2833
ce-version: 11.1.190
cf-request-id: 077a083d690000061446ad7000000001
last-modified: Wed, 06 Jan 2021 14:51:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 60d6a9757ad30614-FRA
cf-bgj: minify

GET
H3-Q050 200 js
www.googletagmanager.com/gtag/ 96 KB
38 KB 76ms
48ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-829684701

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W38C9T5

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38970
x-xss-protection: 0
last-modified: Wed, 06 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Jan 2021 16:02:11 GMT

GET
H2 200 swap.js
cdn.callrail.com/companies/158776647/7d663d46157b46d8af9a/12/ 32 B
312 B 357ms
114ms Script
text/javascript 52.205.51.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.callrail.com/companies/158776647/7d663d46157b46d8af9a/12/swap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W38C9T5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.51.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-51-47.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 0.005941
date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=3600, public
timing-allow-origin: *
x-request-id: 586db510-ff34-4023-b121-799f6d864e9d

GET
H/1.1 200
OK events.js
tags.srv.stackadapt.com/ 13 KB
5 KB 455ms
114ms Script
text/javascript 34.233.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-235-75.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 Jan 2021 16:02:11 GMT
Content-Encoding: gzip
Cache-Control: max-age=30
Content-Length: 4296
Connection: keep-alive
Content-Type: text/javascript

GET
H/1.1 200
OK tracking.js
trk.techtarget.com/ 4 KB
2 KB 112ms
38ms Script
text/javascript 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2019 20:11:17 GMT
Server: PWS/8.3.1.0.8
Age: 565
X-Ws-Request-Id: 5ff5df03_PSdgflkfFRA2sg7_43648-29821
Content-Type: text/javascript
Via: 1.1 VMmgasbIAD1am50:2 (W), 1.1 PSdgflkfFRA1hb199:0 (W), 1.1 PSdgflkfFRA2gb73:3 (W)
Cache-Control: max-age=600
X-Cache-Spec: Yes
X-Px: ht PSdgflkfFRA2gb73FRA
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1711
Expires: Wed, 06 Jan 2021 16:02:46 GMT

GET
H/1.1 200
OK roundtrip.js
s.adroll.com/j/ 40 KB
13 KB 111ms
36ms Script
text/javascript 104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W38C9T5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: eHeCFa11ZmebQv0hmrjMAs.eB.BPo.q4
Content-Encoding: gzip
ETag: "0aed5b94bc26ce0fe9e58d25dd314418"
x-amz-request-id: A153E367E4F64E44
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12695
x-amz-id-2: 1CcC1EKrieRTlAyvmM8I9czxbYiNWqUAlIg4XQoBWjKMxkmKs0MXuebcXJ5+1jv9UbHz74EL7Lo=
Last-Modified: Thu, 10 Dec 2020 18:09:34 GMT
Server: AmazonS3
Date: Wed, 06 Jan 2021 16:02:11 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 4660171.js
js.hs-banner.com/ 55 KB
13 KB 45ms
42ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/4660171.js
Requested by: Host: www.inky.com
URL: https://www.inky.com/hs/scriptloader/4660171.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=TNfSFg==, md5=T0eGJDN/lpVRyDLaY6mbIw==
date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABg5-Uy5kesWl0sxtN_cAmPnrFJcrCehtdaHByHSjKW1sIlaimWRFEGO-9U15wqvad9fMCB07EihyFJ-0x7hRuUsDD0
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 077a083d78000005bb7ca72000000001
timing-allow-origin: *
last-modified: Tue, 05 Jan 2021 18:02:03 GMT
server: cloudflare
etag: W/"4f478624337f969551c832da63a99b23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1609869723159647
access-control-allow-origin: https://www.inky.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 55964
cf-ray: 60d6a9758a6705bb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 06 Jan 2021 16:07:11 GMT

GET
H2 200 collectedforms.js
js.hscollectedforms.net/ 87 KB
25 KB 39ms
19ms Script
application/javascript 2606:4700::6811:83ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: www.inky.com
URL: https://www.inky.com/hs/scriptloader/4660171.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://www.inky.com
Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
via: 1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 86035
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.206/bundles/project.js&cfRay=60ce7500db662b22-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 077a083d8a0000979c02804000000001
cf-ray: 60d6a975aa9b979c-FRA
last-modified: Wed, 18 Nov 2020 03:17:23 UTC
server: cloudflare
etag: W/"8009c15ab0ddd537e87c8961e3793907"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: vK9VzhfTTqVFyznSA1saY0pwTd8plNRY
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: tPM7wSRkV2TZdPEchwLO0RoPKRAZpWpiGU910ZuQflw0ttDpnLfCSw==

GET
H2 200 4660171.js
js.hs-analytics.net/analytics/1609948800000/ 61 KB
18 KB 154ms
152ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1609948800000/4660171.js
Requested by: Host: www.inky.com
URL: https://www.inky.com/hs/scriptloader/4660171.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 5B701E21EE9A6D57
x-amz-server-side-encryption: AES256
cf-ray: 60d6a975893e2c42-FRA
x-amz-id-2: cksSniKwqqm0l/TztC7zegRDZMZKt6COBwKjlnUf9ZRpN+JAo92nh1/NwOy0/r7yqCFk6FRQ+Ts=
last-modified: Mon, 14 Dec 2020 17:03:51 GMT
server: cloudflare
etag: W/"ac6c302eb8a2500090522a70b15b8c6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 077a083d7f00002c42ac0c5000000001
content-type: text/javascript
expires: Wed, 06 Jan 2021 16:07:11 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2665292&time=1609948931449&url=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%40homedepot.com%26cfn%3Dundefined%26cln%3Dundefined%...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2665292%26time%3D1609948931449%26url%3Dhttps%253A%252F%252Fwww.inky.com%252Fphish...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2665292&time=1609948931449&url=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%40homedepot.com%26cfn%3Dundefined%26cln%3Dundefined%...

0
40 B

162ms
162ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2665292&time=1609948931449&url=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%40homedepot.com%26cfn%3Dundefined%26cln%3Dundefined%26cc%3Dundefined%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG&liSync=true
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: nNFwDQawVxYAYSmU/SoAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: TnnrCAawVxZwe9xtfCsAAA==
pragma: no-cache
x-li-pop: afd-prod-edc2
x-msedge-ref: Ref A: 2561051A49164086A8425B4547CEC999 Ref B: FRAEDGE1416 Ref C: 2021-01-06T16:02:11Z
x-frame-options: sameorigin
date: Wed, 06 Jan 2021 16:02:11 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2665292&time=1609948931449&url=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%40homedepot.com%26cfn%3Dundefined%26cln%3Dundefined%26cc%3Dundefined%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-Q050 200 collect
www.google-analytics.com/j/ 2 B
66 B 18ms
18ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1095994448&t=pageview&_s=1&dl=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%2540homedepot.com%26cfn%26cln%26cc%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG&ul=en-us&de=UTF-8&dt=Phishing%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=61770019&gjid=1219409940&cid=1053102033.1609948931&tid=UA-91768532-1&_gid=1468110058.1609948931&_r=1&gtm=2wgbu0W38C9T5&z=1943961900

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Jan 2021 16:02:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.inky.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2077.json
script.crazyegg.com/pages/data-scripts/0089/ 7 KB
1 KB 46ms
27ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0089/2077.json?t=5366496
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0089/2077.js?447208
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4230
ce-version: 11.1.190
content-length: 1090
cf-request-id: 077a083dc100009808ba0aa000000001
last-modified: Wed, 06 Jan 2021 14:51:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 60d6a975fc129808-FRA

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/829684701/ 2 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/829684701/?random=1609948931507&cv=9&fst=1609948931507&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%2540homedepot.com%26cfn%26cln%26cc%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG&tiba=Phishing%20Daily&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1069
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
86 B 17ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-91768532-1&cid=1053102033.1609948931&jid=61770019&gjid=1219409940&_gid=1468110058.1609948931&_u=YEBAAEAAAAAAAC~&z=2117008233

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 06 Jan 2021 16:02:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.inky.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json
forms.hubspot.com/collected-forms/v1/config/ 115 B
646 B 142ms
114ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=4660171&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.inky.com
access-control-max-age: 180
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 60d6a9763e882c01-FRA
access-control-allow-headers: *
cf-request-id: 077a083de700002c0148224000000001

GET
H2 200 /
www.google.com/pagead/1p-user-list/829684701/ 42 B
108 B 32ms
31ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/829684701/?random=1609948931507&cv=9&fst=1609948800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%2540homedepot.com%26cfn%26cln%26cc%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG&tiba=Phishing%20Daily&async=1&fmt=3&is_vtc=1&random=4268831144&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jan 2021 16:02:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/829684701/ 42 B
108 B 24ms
24ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/829684701/?random=1609948931507&cv=9&fst=1609948800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%2540homedepot.com%26cfn%26cln%26cc%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG&tiba=Phishing%20Daily&async=1&fmt=3&is_vtc=1&random=4268831144&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jan 2021 16:02:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 46ms
32ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-91768532-1&cid=1053102033.1609948931&jid=61770019&_u=YEBAAEAAAAAAAC~&z=1345846477

Requested by

Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jan 2021 16:02:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
88 B 41ms
39ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-91768532-1&cid=1053102033.1609948931&jid=61770019&_u=YEBAAEAAAAAAAC~&z=1345846477

Requested by

Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jan 2021 16:02:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11.1.190.js
script.crazyegg.com/pages/versioned/common-scripts/ 101 KB
33 KB 20ms
19ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.190.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0089/2077.js?447208
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Jan 2021 19:28:11 GMT
server: cloudflare
age: 12331
cf-polished: origSize=107931
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
cf-ray: 60d6a9764cfb0614-FRA
cf-request-id: 077a083de90000061468afc000000001
cf-bgj: minify

GET
H/1.1 200
OK activity.gif
apt.techtarget.com/activity/ 43 B
450 B 419ms
105ms Image
image/gif 206.19.49.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=16628935&version=2.0&ref=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%2540homedepot.com%26cfn%26cln%26cc%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG&r=1609948931563
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.19.49.24 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:11 GMT
Last-Modified: Tue, 26 Mar 2019 18:30:29 GMT
ETag: "2b-5850384023492"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 43

GET
H/1.1

200
OK

index.js
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/VE72WIA6JJAITAM4PZOSV5/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

35ms
35ms

Script
application/javascript

104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: kQuvr953R4ssiJwbsfMq_VDT45vrx0ck
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 5D27A745DD2C3854
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 3/6t9VIRVA/QNy2N+EyZPXCuDKmgIk35xTSbfAtDuSK2Az+bFyYA5GS35jaZL5N/nVIfRJBlAP8=
Last-Modified: Tue, 05 Jan 2021 17:29:21 GMT
Server: AmazonS3
Date: Wed, 06 Jan 2021 16:02:11 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Wed, 06 Jan 2021 16:02:11 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js
s.adroll.com/j/pre/VE72WIA6JJAITAM4PZOSV5/EO6PKOTODNGPVLDZHH27JW/ 1 KB
1 KB 98ms
36ms Script
text/javascript 104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/VE72WIA6JJAITAM4PZOSV5/EO6PKOTODNGPVLDZHH27JW/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: .fbCTWdxVo6VpbzkNJPGEprIY9vK8yI_
Content-Encoding: gzip
ETag: "3996d65282dd996ee0d7d4c90c139158"
x-amz-request-id: BA21842A00A4E1EF
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 635
x-amz-id-2: 7TjzBqIbXtIKBLxaGsWf31VSFRgSrzXMZYmsoNKRoWA8I3tOGz34DGD3BKBKxOKZM39lfazak2s=
Last-Modified: Wed, 06 Jan 2021 01:00:06 GMT
Server: AmazonS3
Date: Wed, 06 Jan 2021 16:02:11 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/
d.adroll.com/consent/check/VE72WIA6JJAITAM4PZOSV5/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/VE72WIA6JJAITAM4PZOSV5?_s=ed2d0d7b1558a1d812b065262517b50f&_b=2
https://d.adroll.com/consent/check/VE72WIA6JJAITAM4PZOSV5/?_s=ed2d0d7b1558a1d812b065262517b50f&_b=2

385 B
478 B

144ms
47ms

Script
application/javascript

54.78.251.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/VE72WIA6JJAITAM4PZOSV5/?_s=ed2d0d7b1558a1d812b065262517b50f&_b=2
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.251.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-251-22.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
server: nginx/1.18.0
content-length: 385
content-type: application/javascript

Redirect headers

location: https://d.adroll.com/consent/check/VE72WIA6JJAITAM4PZOSV5/?_s=ed2d0d7b1558a1d812b065262517b50f&_b=2
date: Wed, 06 Jan 2021 16:02:11 GMT
server: nginx/1.18.0
content-length: 105

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
525 B 247ms
186ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2B1487D69A6F5C67639F8CA4C2358C06F083E6E31E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 60d6a977c9cd0621-FRA
content-length: 35
cf-request-id: 077a083ee8000006210418d000000001

GET
H/1.1 200
OK i.js
i.canddi.com/ 193 B
772 B 217ms
51ms Script
application/javascript 18.203.70.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i.canddi.com/i.js

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/d57d941c56ae95b874e95340beb17c30.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.203.70.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-70-43.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:12 GMT
Last-Modified: Wed, 06 Jan 2021 16:02:12 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: policyref="http://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
Cache-Control: max-age=94608000, private
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 193
Expires: Sat, 06 Jan 2024 16:02:12 GMT

GET
H2 200 capture.js
cdn.canddi.io/ 293 KB
68 KB 148ms
62ms Script
application/javascript 65.9.7.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.canddi.io/capture.js
Requested by: Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/d57d941c56ae95b874e95340beb17c30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 13:10:14 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 9934FABCEBE017F4
x-cache: Hit from cloudfront
x-amz-id-2: 4QAOmfAqnjigD3UQhLT6selgrhULgE7+v4naBPCs841ZgoI1dtJxwqEOL49e97Fqtuc3bjJfzco=
last-modified: Tue, 05 Jan 2021 11:30:53 GMT
server: AmazonS3
etag: W/"46abe909706590fb4ce909c7b04a2cec"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 ab402055ebb78b405a698ff055138d0c.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: luodaKN4f4lOcF3CbnPS5MAMfe5G_ERKAQAIc_ZL4B39JmCXW9hoJw==

GET
H2 200 loader.js
www.gstatic.com/wcm/ 539 B
743 B 25ms
6ms Script
text/javascript 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-829684701

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 15:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Jun 2020 00:15:00 GMT
server: sffe
age: 1166
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 366
x-xss-protection: 0
expires: Wed, 06 Jan 2021 16:42:45 GMT

GET
H3-Q050 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/829684701/ 2 KB
2 KB 148ms
132ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/829684701/?random=1609948931918&cv=9&fst=1609948931918&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%2540homedepot.com%26cfn%26cln%26cc%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG&tiba=Phishing%20Daily&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1095
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK consent_tcfv2.js
s.adroll.com/j/ 397 KB
55 KB 39ms
38ms Script
application/javascript 104.111.214.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.206 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-206.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 7sDcLvGKTPrh8xIq2f5DynXc_Mi9vQVX
Content-Encoding: gzip
ETag: "1f2c64002f8e1b6eb56c304c2e892afb"
x-amz-request-id: 9C0A466D5B644741
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 55575
x-amz-id-2: RKvpIdckCIUfU1lGu4A9Vc4434+rKFeY6PhXnAc0s4O7wCj+IxmfMnCnJnqRhSwxJEODB4ztDYM=
Last-Modified: Mon, 07 Dec 2020 23:59:35 GMT
Server: AmazonS3
Date: Wed, 06 Jan 2021 16:02:11 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 82 B
309 B 112ms
111ms Stylesheet
text/css 34.233.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-235-75.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 Jan 2021 16:02:11 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 82
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg
tags.srv.stackadapt.com/ 0
881 B 435ms
107ms Fetch
image/jpeg 34.233.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-235-75.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 Jan 2021 16:02:12 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H3-Q050 200 call-tracking_6.js
www.gstatic.com/call-tracking/ 52 KB
20 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_6.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 20:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Jun 2020 00:15:00 GMT
server: sffe
age: 501610
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20194
x-xss-protection: 0
expires: Fri, 31 Dec 2021 20:42:01 GMT

GET
H3-Q050

200

wcm
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/829684701/wcm?cc=ZZ&dn=18337274659&cl=KSYMCJfT_oYBEN33z4sD&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18337274659&cl=KSYMCJfT_oYBEN33z4sD

80 B
202 B

20ms
19ms

XHR
application/json

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18337274659&cl=KSYMCJfT_oYBEN33z4sD

Requested by

Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 16:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

timing-allow-origin: *
date: Wed, 06 Jan 2021 16:02:11 GMT
x-content-type-options: nosniff
server: cafe
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18337274659&cl=KSYMCJfT_oYBEN33z4sD
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.inky.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK favicon-32x32.png
nextroll.com/ 2 KB
2 KB 344ms
113ms Image
image/png 52.200.34.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nextroll.com/favicon-32x32.png
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.34.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-34-95.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:12 GMT
Via: 1.1 vegur
Last-Modified: Mon, 21 Dec 2020 23:29:47 GMT
Server: Apache
Etag: "64f-5b701d56b90c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1615

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/829684701/ 42 B
89 B 22ms
22ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/829684701/?random=1609948931918&cv=9&fst=1609948800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%2540homedepot.com%26cfn%26cln%26cc%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG&tiba=Phishing%20Daily&async=1&fmt=3&is_vtc=1&random=1199536799&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jan 2021 16:02:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/829684701/ 42 B
89 B 22ms
21ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/829684701/?random=1609948931918&cv=9&fst=1609948800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%2540homedepot.com%26cfn%26cln%26cc%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG&tiba=Phishing%20Daily&async=1&fmt=3&is_vtc=1&random=1199536799&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jan 2021 16:02:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK s.js
i.canddi.com/s/d57d941c56ae95b874e95340beb17c30/ 134 B
739 B 49ms
49ms Script
application/javascript 18.203.70.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i.canddi.com/s/d57d941c56ae95b874e95340beb17c30/s.js

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/d57d941c56ae95b874e95340beb17c30.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.203.70.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-70-43.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:12 GMT
Last-Modified: Wed, 06 Jan 2021 16:02:12 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: policyref="http://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
Cache-Control: max-age=3600, private
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 134
Expires: Wed, 06 Jan 2021 18:02:12 GMT

GET
H/1.1 200
OK s.js
s.canddi.io/ 79 B
441 B 211ms
50ms Script
application/javascript 52.212.74.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.canddi.io/s.js?Id={%22B%22:%220812cc16cd0d75ac1e61bee9487f7804%22}&S={%22SId%22:%22e323ecadf581c8cd7aff760e0cf9d863%22,%20%22TId%22:%22d57d941c56ae95b874e95340beb17c30%22,%20%22GNo%22:%221%22}&G-GT=&G-P=&G-T=UGhpc2hpbmcgRGFpbHk%3D&G-U=aHR0cHM6Ly93d3cuaW5reS5jb20vcGhpc2hpbmc%2FY2U9bWljaGFlbF9wX21lcnJpdHQlNDBob21lZGVwb3QuY29tJmNmbiZjbG4mY2MmdXRtX2NhbXBhaWduPXByb3NkYXRhJnV0bV9tZWRpdW09RW1haWwmdXRtX3NvdXJjZT1TRw%3D%3D&G-V=GET&G-TA=%5B%5D&G-TR=%5B%5D&Ref=&v=12.2.0&rand=99357857

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/d57d941c56ae95b874e95340beb17c30.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.74.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-74-79.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Jan 2021 16:02:12 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, max-age=0
Connection: keep-alive
Content-Length: 79
Expires: Wed, 06 Jan 2021 16:02:13 GMT

GET
H/1.1 200
OK e.js
s.canddi.io/ 79 B
441 B 51ms
50ms Script
application/javascript 52.212.74.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.canddi.io/e.js?Id={%22B%22:%220812cc16cd0d75ac1e61bee9487f7804%22}&S={%22SId%22:%22e323ecadf581c8cd7aff760e0cf9d863%22,%20%22TId%22:%22d57d941c56ae95b874e95340beb17c30%22,%20%22GNo%22:%222%22}&G-GT=%23!-1&G-P=&G-T=Y2FuZGRpLmlvL3Byb2JhYmx5YWJvdA%3D%3D&G-U=aHR0cHM6Ly93d3cuaW5reS5jb20vL3Byb2JhYmx5YWJvdA%3D%3D&G-V=EVENT&G-TGT=UHJvYmFibHkgQSBCb3Q%3D&G-TA=%5B%22bot%22%2C%22exclude%22%5D&v=12.2.0&rand=71367351

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/d57d941c56ae95b874e95340beb17c30.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.74.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-74-79.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Jan 2021 16:02:12 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, max-age=0
Connection: keep-alive
Content-Length: 79
Expires: Wed, 06 Jan 2021 16:02:13 GMT

GET
H/1.1 200
OK saq_pxl
tags.srv.stackadapt.com/ 213 B
514 B 112ms
111ms XHR
text/plain 34.233.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=bNn-JTx5qLksvJROpfMIMQ&is_js=true&landing_url=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%2540homedepot.com%26cfn%26cln%26cc%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG&host=https://www.inky.com&sa_conv_data_css_value=%20%220-e7b0aa42-4c68-4e0e-54da-ac9a08b38713%24ip%2482.102.20.235%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd93552df8c14464796405678da46789003526614eb
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-235-75.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:12 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.inky.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 213

GET
H/1.1 204
No Content js_tracking
tags.srv.stackadapt.com/ 0
247 B 223ms
111ms XHR
text/plain 34.233.235.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/js_tracking?url=https%3A%2F%2Fwww.inky.com%2Fphishing&uid=bNn-JTx5qLksvJROpfMIMQ&host=https://www.inky.com
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.235.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-235-75.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.inky.com
Date: Wed, 06 Jan 2021 16:02:12 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET

GET
H/1.1 200
OK DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D9FA8CC40D15B6C20851A68C5073F275F7318A6401.jpg
api.contentengine.net/images/ 3 KB
3 KB 181ms
177ms Image
image/jpeg 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.contentengine.net/images/DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D9FA8CC40D15B6C20851A68C5073F275F7318A6401.jpg
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:13 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 2722
Content-Type: image/jpeg

GET
H/1.1 200
OK DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D99C9BCABE29C41BAEB4BDE1794E9CBF1D09FDBDA3.jpg
api.contentengine.net/images/ 5 KB
6 KB 185ms
181ms Image
image/jpeg 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.contentengine.net/images/DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D99C9BCABE29C41BAEB4BDE1794E9CBF1D09FDBDA3.jpg
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:13 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 5542
Content-Type: image/jpeg

GET
H/1.1 200
OK DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D9072279420073CC83DC48293ADEEB6B7937BFCA88.jpg
api.contentengine.net/images/ 8 KB
8 KB 359ms
173ms Image
image/jpeg 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.contentengine.net/images/DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D9072279420073CC83DC48293ADEEB6B7937BFCA88.jpg
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:13 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 7756
Content-Type: image/jpeg

GET
H/1.1 200
OK DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D90FB4AA98E1EEDFDDF171480C58D6FA2660FCA80A.jpg
api.contentengine.net/images/ 7 KB
8 KB 367ms
178ms Image
image/jpeg 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.contentengine.net/images/DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D90FB4AA98E1EEDFDDF171480C58D6FA2660FCA80A.jpg
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:13 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 7594
Content-Type: image/jpeg

GET
H/1.1 200
OK DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D96A63C5F1762A98BA794FDA4C88A24AC3A74335FB.jpg
api.contentengine.net/images/ 7 KB
7 KB 474ms
177ms Image
image/jpeg 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.contentengine.net/images/DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D96A63C5F1762A98BA794FDA4C88A24AC3A74335FB.jpg
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:13 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 7205
Content-Type: image/jpeg

GET
H/1.1 200
OK DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D9E3FABCD403FC802A139271B811F936EE9ECBE7CC.jpg
api.contentengine.net/images/ 13 KB
13 KB 482ms
180ms Image
image/jpeg 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.contentengine.net/images/DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D9E3FABCD403FC802A139271B811F936EE9ECBE7CC.jpg
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:13 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1 200
OK DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D9A6FA66202D8FB9468E6EFC7683872408A56D281C.png
api.contentengine.net/images/ 78 KB
78 KB 315ms
190ms Image
image/png 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.contentengine.net/images/DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D9A6FA66202D8FB9468E6EFC7683872408A56D281C.png
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:13 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D92489740998A4AC2C6A38A1D727D41B3C32BA6190.jpg
api.contentengine.net/images/ 11 KB
11 KB 314ms
185ms Image
image/jpeg 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.contentengine.net/images/DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D92489740998A4AC2C6A38A1D727D41B3C32BA6190.jpg
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:13 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1 200
OK DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D9FF50FB8160A8B554E75DFDF416B40F19821B9DB6.jpg
api.contentengine.net/images/ 6 KB
6 KB 171ms
171ms Image
image/jpeg 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.contentengine.net/images/DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D9FF50FB8160A8B554E75DFDF416B40F19821B9DB6.jpg
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:13 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 5954
Content-Type: image/jpeg

GET
H/1.1 200
OK DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D9D3F339C8DA811446FC68EC40CFE54EBFD646A586.jpg
api.contentengine.net/images/ 7 KB
7 KB 172ms
171ms Image
image/jpeg 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.contentengine.net/images/DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D9D3F339C8DA811446FC68EC40CFE54EBFD646A586.jpg
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:13 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 7166
Content-Type: image/jpeg

GET
H/1.1 200
OK DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D90C9EBA72AB74ACB99B84ECC5D5C1B192AEF91FA6.png
api.contentengine.net/images/ 29 KB
29 KB 177ms
177ms Image
image/png 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.contentengine.net/images/DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D90C9EBA72AB74ACB99B84ECC5D5C1B192AEF91FA6.png
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:13 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D940757B8D3794B8574ECDA22D5C51E74D5F4881A5.jpg
api.contentengine.net/images/ 3 KB
3 KB 172ms
172ms Image
image/jpeg 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.contentengine.net/images/DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D940757B8D3794B8574ECDA22D5C51E74D5F4881A5.jpg
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:13 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 3176
Content-Type: image/jpeg

GET
H/1.1 200
OK DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D93B2C25F75497DDE8939850D20C6EDA95211B5BB9.jpg
api.contentengine.net/images/ 7 KB
8 KB 173ms
172ms Image
image/jpeg 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.contentengine.net/images/DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D93B2C25F75497DDE8939850D20C6EDA95211B5BB9.jpg
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:13 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 7554
Content-Type: image/jpeg

GET
H/1.1 200
OK DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D97C08AB6EB90C5230CA107D2B97DE117268AF9CB0.png
api.contentengine.net/images/ 49 KB
49 KB 180ms
180ms Image
image/png 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.contentengine.net/images/DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D97C08AB6EB90C5230CA107D2B97DE117268AF9CB0.png
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:13 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D9F6BA7CD303E1C2B9716A3AEDFB43BFA6186B291D.jpg
api.contentengine.net/images/ 6 KB
6 KB 179ms
178ms Image
image/jpeg 24.173.150.18
BHN-33363

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.contentengine.net/images/DDEA84F3BE83EC4FB5E2D962EDBBC2CCE75450D9F6BA7CD303E1C2B9716A3AEDFB43BFA6186B291D.jpg
Requested by: Host: www.inky.com
URL: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.173.150.18 Inverness, United States, ASN33363 (BHN-33363, US),
Reverse DNS: rrcs-24-173-150-18.se.biz.rr.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 16:02:13 GMT
Server: Apache/2.4.46 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 6303
Content-Type: image/jpeg

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
129 B 46ms
46ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=b4cfb89a-2056-4f97-8bc0-402eb66e1434&fci=505fb0c2-4b59-472d-a472-a450a5d82db3&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=4660171&pi=37361548429&ct=standard-page&ccu=https%3A%2F%2Fwww.inky.com%2Fphishing&cpi=37361548429&lpi=37361548429&lvi=37361548429&pu=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%2540homedepot.com%26cfn%26cln%26cc%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG&t=Phishing+Daily&cts=1609948934043&vi=9af223a8dc791ae3489cdd3ebea2ba83&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 60d6a985dc119710-FRA
date: Wed, 06 Jan 2021 16:02:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 077a0847a900009710f714e000000001
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
129 B 42ms
42ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=b4cfb89a-2056-4f97-8bc0-402eb66e1434&fci=505fb0c2-4b59-472d-a472-a450a5d82db3&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=4660171&pi=37361548429&ct=standard-page&ccu=https%3A%2F%2Fwww.inky.com%2Fphishing&cpi=37361548429&lpi=37361548429&lvi=37361548429&pu=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%2540homedepot.com%26cfn%26cln%26cc%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG&t=Phishing+Daily&cts=1609948934048&vi=9af223a8dc791ae3489cdd3ebea2ba83&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 60d6a985ec139710-FRA
date: Wed, 06 Jan 2021 16:02:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 077a0847ae00009710f8007000000001
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
258 B 27ms
26ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=4660171&pi=37361548429&ct=standard-page&ccu=https%3A%2F%2Fwww.inky.com%2Fphishing&cpi=37361548429&lpi=37361548429&lvi=37361548429&pu=https%3A%2F%2Fwww.inky.com%2Fphishing%3Fce%3Dmichael_p_merritt%2540homedepot.com%26cfn%26cln%26cc%26utm_campaign%3Dprosdata%26utm_medium%3DEmail%26utm_source%3DSG&t=Phishing+Daily&cts=1609948934052&vi=9af223a8dc791ae3489cdd3ebea2ba83&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 60d6a985ec149710-FRA
date: Wed, 06 Jan 2021 16:02:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 077a0847ae0000971014358000000001
x-robots-tag: none

POST
H2 200 perf
www.inky.com/_hcms/ 2 B
193 B 211ms
210ms XHR
text/plain 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inky.com/_hcms/perf
Requested by: Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/d57d941c56ae95b874e95340beb17c30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

cf-ray: 60d6a9986cc210eb-CPH
date: Wed, 06 Jan 2021 16:02:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2B2F4EF4ECDC10F02384D0B6026E0FF10DD0EFD8E9000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-credentials: false
x-robots-tag: none
content-length: 2
cf-request-id: 077a085342000010eb9d924000000001

GET
H/1.1 200
OK x.js
s.canddi.io/ 79 B
441 B 51ms
50ms Script
application/javascript 52.212.74.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.canddi.io/x.js?Id={%22B%22:%220812cc16cd0d75ac1e61bee9487f7804%22}&S={%22SId%22:%22e323ecadf581c8cd7aff760e0cf9d863%22,%20%22TId%22:%22d57d941c56ae95b874e95340beb17c30%22,%20%22GNo%22:%223%22}&G-GT=&G-P=eyJ1cmwiOiJodHRwczovL3d3dy5pbmt5LmNvbS9waGlzaGluZz9jZT1taWNoYWVsX3BfbWVycml0dCU0MGhvbWVkZXBvdC5jb20mY2ZuJmNsbiZjYyZ1dG1fY2FtcGFpZ249cHJvc2RhdGEmdXRtX21lZGl1bT1FbWFpbCZ1dG1fc291cmNlPVNHIiwicG9ydGFsIjo0NjYwMTcxLCJjb250ZW50IjozNzM2MTU0ODQyOSwiZ3JvdXAiOi0xLCJjb25uZWN0aW9uIjp7ImVmZmVjdGl2ZVR5cGUiOiI0ZyIsImRvd25saW5rIjoxMCwicnR0IjowfSwidGltaW5nIjp7ImNvbm5lY3RTdGFydCI6MTYwOTk0ODkzMDMwNiwibmF2aWdhdGlvblN0YXJ0IjoxNjA5OTQ4OTMwMjczLCJsb2FkRXZlbnRFbmQiOjE2MDk5NDg5MzQwNjcsImRvbUxvYWRpbmciOjE2MDk5NDg5MzA0MzIsInNlY3VyZUNvbm5lY3Rpb25TdGFydCI6MTYwOTk0ODkzMDMyMywiZmV0Y2hTdGFydCI6MTYwOTk0ODkzMDI3MywiZG9tQ29udGVudExvYWRlZEV2ZW50U3RhcnQiOjE2MDk5NDg5MzEzNjgsInJlc3BvbnNlU3RhcnQiOjE2MDk5NDg5MzA0MjksInJlc3BvbnNlRW5kIjoxNjA5OTQ4OTMwNDMxLCJkb21JbnRlcmFjdGl2ZSI6MTYwOTk0ODkzMTM2NywiZG9tYWluTG9va3VwRW5kIjoxNjA5OTQ4OTMwMzA2LCJyZWRpcmVjdFN0YXJ0IjowLCJyZXF1ZXN0U3RhcnQiOjE2MDk5NDg5MzAzNTQsInVubG9hZEV2ZW50RW5kIjowLCJ1bmxvYWRFdmVudFN0YXJ0IjowLCJkb21Db21wbGV0ZSI6MTYwOTk0ODkzNDAxNiwiZG9tYWluTG9va3VwU3RhcnQiOjE2MDk5NDg5MzAyNzQsImxvYWRFdmVudFN0YXJ0IjoxNjA5OTQ4OTM0MDE2LCJkb21Db250ZW50TG9hZGVkRXZlbnRFbmQiOjE2MDk5NDg5MzEzOTcsInJlZGlyZWN0RW5kIjowLCJjb25uZWN0RW5kIjoxNjA5OTQ4OTMwMzU0fX0%3D&G-T=&G-U=aHR0cHM6Ly93d3cuaW5reS5jb20vL19oY21zL3BlcmY%3D&G-V=POST&v=12.2.0&rand=01629832

Requested by

Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/d57d941c56ae95b874e95340beb17c30.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.74.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-74-79.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Jan 2021 16:02:17 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, max-age=0
Connection: keep-alive
Content-Length: 79
Expires: Wed, 06 Jan 2021 16:02:18 GMT

GET
H/1.1 200
OK sh.gif
s.canddi.io/ 35 B
384 B 50ms
50ms Image
image/gif 52.212.74.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.canddi.io/sh.gif?d=15&S={%22SId%22:%22e323ecadf581c8cd7aff760e0cf9d863%22,%20%22TId%22:%22d57d941c56ae95b874e95340beb17c30%22,%20%22GNo%22:%221%22}&v=12.2.0&rand=35028921

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.74.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-74-79.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.inky.com/phishing?ce=michael_p_merritt%40homedepot.com&cfn&cln&cc&utm_campaign=prosdata&utm_medium=Email&utm_source=SG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Jan 2021 16:02:26 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: Wed, 06 Jan 2021 16:02:27 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/14051612624/1572376088401/Custom/page/mjfw/mjfw_main.js(Line 1) Message: IE TEST

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.contentengine.net
app.hubspot.com
apt.techtarget.com
cdn.callrail.com
cdn.canddi.io
cdn2.hubspot.net
cdns.canddi.com
d.adroll.com
d.adroll.mgr.consensu.org
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
i.canddi.com
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
nextroll.com
px.ads.linkedin.com
s.adroll.com
s.canddi.io
script.crazyegg.com
snap.licdn.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
track.hubspot.com
trk.techtarget.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.inky.com
www.linkedin.com
104.111.214.206
151.139.243.18
163.171.132.119
18.203.70.43
199.60.103.254
206.19.49.24
216.58.208.34
23.111.9.35
24.173.150.18
2606:4700::6810:5605
2606:4700::6811:43b0
2606:4700::6811:83ab
2606:4700::6811:f2cc
2606:4700::6812:15bf
2606:4700::6813:9408
2606:4700::6813:9a53
2620:1ec:21::14
2a00:1450:4001:802::2002
2a00:1450:4001:806::2003
2a00:1450:4001:808::2008
2a00:1450:4001:809::200e
2a00:1450:4001:814::2004
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:81f::2003
2a00:1450:4001:820::200e
2a00:1450:4001:824::2004
2a00:1450:4001:825::2003
2a00:1450:400c:c0c::9b
2a02:26f0:10c:58e::25ea
2a05:f500:10:101::b93f:9105
34.233.235.75
52.200.34.95
52.205.51.47
52.212.74.79
54.74.23.153
54.78.251.22
65.9.7.43
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
057839035b660b390bcd2dc55ef31b6395fb51eeb55ede9e03139b6b27c9df93
26ce172b9968fcd715ec9caced0c928f8818a4a2d65bbdc21ce177c996a5275b
2f6235951e70e222f23f04e7ab2716af75612711053dde2d18c4b6e0268efdbe
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170
3e4708fc1f7842d6481ad0a9863c146671349cba513319cd3202b6c47aebf7df
5066eb8c5e597263405f571bf0e8ae80bab9fbe2322c2f95f0b8d76e3b1a8ca8
564970ca3723a64d7b53f0013336ac0c9ce98095092b146db1d3e715af9d1bff
6ac089f5f1fe40dc6f4279ed44a86244800edf020b5f5add666467ec026fbddf
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
862e6c27e52dc72874efc233514939db440a5859c36f89f409b9b5a2d28bd56c
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8b938a4510e591606d684712884d57058d12674ec6fd73673f58131479858264
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a586df7d6736113cad2bd970e7baa94faf93d3ac149860a6dbe96d8ef63d49c7
c3f99c65ea3d6186991a21add80eeea6d79500fcb3c9d8263680e0de270e0753
cea0e07753d8fa388dc1883da9e072af5c3fb47c848112db858bd2f663e60478
d3147e727616c1f0d39af9d724299424a6c1ead8fef0f819563d43ecdf16bf57
dd3eb59038a5df086653388d9394fed2f2f1d72d9c01cfdc4920247a9d371e83
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

www.inky.com Open in urlscan Pro 199.60.103.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

98 Requests

100 %HTTPS

58 %IPv6

28 Domains

37 Subdomains

36 IPs

7 Countries

1112 kBTransfer

3006 kBSize

0 Cookies

0 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.inky.com Open in urlscan Pro
199.60.103.254 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

100 %
HTTPS

58 %
IPv6

28
Domains

37
Subdomains

36
IPs

7
Countries

1112 kB
Transfer

3006 kB
Size

0
Cookies

98 HTTP transactions
0 data transactions