urlscan.io logo urlscan.io
SecurityTrails logo

employee.airpainters.com Open in urlscan Pro
72.3.215.57  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.employee.airpainters.com/
Effective URL: https://employee.airpainters.com/index.php?p=Login
Submission: On August 23 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 2 countries across 15 domains to perform 43 HTTP transactions. The main IP is 72.3.215.57, located in United States and belongs to RMH-14, US. The main domain is employee.airpainters.com.
TLS certificate: Issued by R11 on August 23rd 2024. Valid for: 3 months.
This is the only time employee.airpainters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 24 72.3.215.57 33070 (RMH-14)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.19.175.188 13335 (CLOUDFLAR...)
2 142.250.81.232 15169 (GOOGLE)
1 142.251.40.162 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.41.4 15169 (GOOGLE)
43 17
24    72.3.215.57 (United States)

ASN33070 (RMH-14, US)
www.employee.airpainters.com
employee.airpainters.com
2    2607:f8b0:4006:816::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:8ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
2    2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6811:df98 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
2    2606:4700::6810:6ffe (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
1    2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6812:f36c (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
1    2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
2    142.250.81.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f8.1e100.net
www.googletagmanager.com
1    142.251.40.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
googleads.g.doubleclick.net
1    2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    142.251.41.4 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
24 airpainters.com
www.employee.airpainters.com
employee.airpainters.com
557 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
375 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
td.doubleclick.net — Cisco Umbrella Rank: 481
1 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 9601
forms.hscollectedforms.net — Cisco Umbrella Rank: 9837
25 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641
96 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 10
64 B
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 9382
883 B
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 5359
1 KB
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 7580
1 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 5067
26 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 5135
25 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 7189
4 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 5414
1 KB
0 addthis.com Failed
s7.addthis.com Failed
43 15
Domain Requested by
23 employee.airpainters.com 1 redirects employee.airpainters.com
4 www.googletagmanager.com employee.airpainters.com
www.googletagmanager.com
js.hsadspixel.net
2 www.google-analytics.com www.googletagmanager.com
2 ajax.googleapis.com employee.airpainters.com
1 www.google.com
1 td.doubleclick.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 forms.hsforms.com
1 track.hubspot.com
1 api.hubapi.com js.hsadspixel.net
1 forms.hscollectedforms.net js.hscollectedforms.net
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hs-scripts.com www.googletagmanager.com
1 www.employee.airpainters.com 1 redirects
0 s7.addthis.com Failed employee.airpainters.com
43 18

This site contains links to these domains. Also see Links.

Domain
symetricproductions.com
Subject Issuer Validity Valid
employee.airpainters.com
R11		 2024-08-23 -
2024-11-21		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
hs-scripts.com
WE1		 2024-07-29 -
2024-10-27		 3 months crt.sh
hsadspixel.net
WE1		 2024-08-12 -
2024-11-10		 3 months crt.sh
hscollectedforms.net
WE1		 2024-07-25 -
2024-10-23		 3 months crt.sh
hs-analytics.net
WE1		 2024-08-09 -
2024-11-07		 3 months crt.sh
hs-banner.com
WE1		 2024-07-27 -
2024-10-25		 3 months crt.sh
hubapi.com
E6		 2024-07-02 -
2024-09-30		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2024-01-06 -
2024-12-31		 a year crt.sh
hsforms.com
WE1		 2024-08-12 -
2024-11-10		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://employee.airpainters.com/index.php?p=Login
Frame ID: 44813FC3FA96CC3C56D6237524F42487
Requests: 42 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/752682333?random=1724415631146&cv=11&fst=1724415631146&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb813030698&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Femployee.airpainters.com%2Findex.php%3Fp%3DLogin&hn=www.googleadservices.com&frm=0&tiba=Air%20Painters%20-%20Niagara%27s%20Commercial%20and%20Institutional%20Painter&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1466473221.1724415630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 2FC08BB7D1D7F059FF2996C81704AA4E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Air Painters - Niagara's Commercial and Institutional Painter

Page URL History Show full URLs

  1. https://www.employee.airpainters.com/ HTTP 301
    https://employee.airpainters.com/ HTTP 302
    https://employee.airpainters.com/index.php?p=Login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

43
Requests

98 %
HTTPS

69 %
IPv6

15
Domains

18
Subdomains

17
IPs

2
Countries

1112 kB
Transfer

2265 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.employee.airpainters.com/ HTTP 301
    https://employee.airpainters.com/ HTTP 302
    https://employee.airpainters.com/index.php?p=Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
employee.airpainters.com/
Redirect Chain
  • https://www.employee.airpainters.com/
  • https://employee.airpainters.com/
  • https://employee.airpainters.com/index.php?p=Login
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PHP/7.0.33 PleskLin
Resource Hash
fd574f9c51b054fdf933dee75f8a144a2a702b208e08aede669f19f5146e48fa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
private
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 23 Aug 2024 12:20:28 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
x-powered-by
PHP/7.0.33 PleskLin

Redirect headers

cache-control
private
content-type
text/html; charset=UTF-8
date
Fri, 23 Aug 2024 12:20:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/index.php?p=Login
pragma
no-cache
server
nginx
x-powered-by
PHP/7.0.33 PleskLin
screen.css
employee.airpainters.com/shared/skins/default/styles/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/shared/skins/default/styles/screen.css
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
0f88ce8a9c21111ca015ae88c7ede49b480217d541364215b200cb3e773c2aa9

Request headers

Referer
https://employee.airpainters.com/index.php?p=Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:28 GMT
content-encoding
br
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
W/"662a57d3-3a0a"
x-powered-by
PleskLin
content-type
text/css
jquery.bxslider.css
employee.airpainters.com/shared/skins/default/styles/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/shared/skins/default/styles/jquery.bxslider.css
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
bf86020f7f345ba24f5190edffe444d9800a53de42f3af3abf51c103bc39bd31

Request headers

Referer
https://employee.airpainters.com/index.php?p=Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:28 GMT
content-encoding
br
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
W/"662a57d3-ebb"
x-powered-by
PleskLin
content-type
text/css
blog.css
employee.airpainters.com/shared/skins/default/styles/ 		3 KB
909 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/shared/skins/default/styles/blog.css
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
ef98f9f5738b68fce852eced1eaebf8192cf53e6804df212738637924ab9f60c

Request headers

Referer
https://employee.airpainters.com/index.php?p=Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:28 GMT
content-encoding
br
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
W/"662a57d3-c7a"
x-powered-by
PleskLin
content-type
text/css
slideshow.css
employee.airpainters.com/shared/skins/default/styles/ 		2 KB
662 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/shared/skins/default/styles/slideshow.css
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
1c2866e7fb7a11f53a088e8c7cb8a0d7afbff69e9d81ed43b81b9697ba18085f

Request headers

Referer
https://employee.airpainters.com/index.php?p=Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:28 GMT
content-encoding
br
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
W/"662a57d3-726"
x-powered-by
PleskLin
content-type
text/css
queries.css
employee.airpainters.com/shared/skins/default/styles/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/shared/skins/default/styles/queries.css
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
a0197944d70fd5595ddf3488dc019bace672e99899d637290d4ad6b63a8eda68

Request headers

Referer
https://employee.airpainters.com/index.php?p=Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:28 GMT
content-encoding
br
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
W/"662a57d3-27df"
x-powered-by
PleskLin
content-type
text/css
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Aug 2025 13:59:37 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/ 		233 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 10:12:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63865
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Aug 2025 10:12:42 GMT
jquery.bxslider.js
employee.airpainters.com/shared/skins/default/scripts/ 		49 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/shared/skins/default/scripts/jquery.bxslider.js
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
bddbba35635904eca1d7f9edc74bdbcba04ec0f5a16286fdbd8f78fb0f7e0c6f

Request headers

Referer
https://employee.airpainters.com/index.php?p=Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:28 GMT
content-encoding
br
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
W/"662a57d3-c58d"
x-powered-by
PleskLin
content-type
application/javascript
scripts.js
employee.airpainters.com/shared/skins/default/scripts/ 		428 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/shared/skins/default/scripts/scripts.js
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
dacb6198f9a3d43410c9d5f32517f74d45e67e0c2b427e850a98ba618ee6d0b8

Request headers

Referer
https://employee.airpainters.com/index.php?p=Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:28 GMT
content-encoding
br
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
x-accel-version
0.01
server
nginx
etag
W/"1ac-616eb9aa5ca1b"
x-powered-by
PleskLin
content-type
application/javascript
addthis_widget.js
s7.addthis.com/js/250/ 		0
0
swfobject.js
employee.airpainters.com/shared/skins/default/scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/shared/skins/default/scripts/swfobject.js
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
aad4f11790ae41d11a7c7bb613b9f82206f37eb4894966fe15e5f880c5d9b72a

Request headers

Referer
https://employee.airpainters.com/index.php?p=Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:28 GMT
content-encoding
br
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
W/"662a57d3-22a4"
x-powered-by
PleskLin
content-type
application/javascript
slideshow.js
employee.airpainters.com/shared/includes/javascript/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/shared/includes/javascript/slideshow.js
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f0029218b7b2f4b1cec82cf3f7850efca4dc09d6643889a28fa5ef8142b9fb8a

Request headers

Referer
https://employee.airpainters.com/index.php?p=Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:28 GMT
content-encoding
br
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
W/"662a57d3-2e5e"
x-powered-by
PleskLin
content-type
application/javascript
logo.png
employee.airpainters.com/shared/skins/default/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://employee.airpainters.com/shared/skins/default/images/logo.png
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2523eb1678dac9bff7ff2bf2329ac7fb8764ca1bfb22fef8d7f11d9fa4763729

Request headers

Referer
https://employee.airpainters.com/index.php?p=Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:28 GMT
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
"662a57d3-1009"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
4105
symetric_logo.png
employee.airpainters.com/shared/skins/default/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://employee.airpainters.com/shared/skins/default/images/symetric_logo.png
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6b8c21fb583f657c1c1d3222e9b43e13016a4d5c0e1075df148bbd484da28a32

Request headers

Referer
https://employee.airpainters.com/index.php?p=Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:28 GMT
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
"662a57d3-5dd"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
1501
footer-logo.png
employee.airpainters.com/shared/skins/default/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://employee.airpainters.com/shared/skins/default/images/footer-logo.png
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e42e81910b15f48d5c97268c0091e0c54beb6799dbf0b2b3ee50d780d21edce4

Request headers

Referer
https://employee.airpainters.com/index.php?p=Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:28 GMT
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
"662a57d3-670"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
1648
fonts.css
employee.airpainters.com/shared/skins/default/styles/ 		1 KB
400 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/shared/skins/default/styles/fonts.css
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/shared/skins/default/styles/screen.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
beb3565144502f96c2a72afed3de4c05bd4ae1b7b94853cdab8a86c230672bcc

Request headers

Referer
https://employee.airpainters.com/shared/skins/default/styles/screen.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:28 GMT
content-encoding
br
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
W/"662a57d3-4f7"
x-powered-by
PleskLin
content-type
text/css
print.css
employee.airpainters.com/shared/skins/default/styles/ 		297 B
329 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/shared/skins/default/styles/print.css
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
ba8d8a5414a5284ad27d60956265dac516c1ad035e23908fb804c0c5dd154433

Request headers

Referer
https://employee.airpainters.com/index.php?p=Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:29 GMT
content-encoding
br
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
x-accel-version
0.01
server
nginx
etag
W/"129-616eb9aa5d1eb"
x-powered-by
PleskLin
content-type
text/css
gtm.js
www.googletagmanager.com/ 		266 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-59B3D46
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/index.php?p=Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
052b2958a7857fe99fabf2837cc792e0aad862373b69a120e12ce99e80801bf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96989
x-xss-protection
0
last-modified
Fri, 23 Aug 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Aug 2024 12:20:29 GMT
background.jpg
employee.airpainters.com/shared/skins/default/images/ 		340 KB
341 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://employee.airpainters.com/shared/skins/default/images/background.jpg
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/shared/skins/default/styles/screen.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
03ebd3c70a135c86f132918c39ecc738a28d1899ae3fd6a55c01af79422ff5b0

Request headers

Referer
https://employee.airpainters.com/shared/skins/default/styles/screen.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:29 GMT
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
"662a57d3-5500c"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
348172
logo.png
employee.airpainters.com/shared/skins/default/images/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://employee.airpainters.com/shared/skins/default/images/logo.png
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/shared/skins/default/styles/screen.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2523eb1678dac9bff7ff2bf2329ac7fb8764ca1bfb22fef8d7f11d9fa4763729

Request headers

Referer
https://employee.airpainters.com/shared/skins/default/styles/screen.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:28 GMT
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
"662a57d3-1009"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
4105
services.png
employee.airpainters.com/shared/skins/default/images/page_titles/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://employee.airpainters.com/shared/skins/default/images/page_titles/services.png
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/shared/skins/default/styles/screen.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
227473d73f14b0c3b32fbff5331d5516996db29d2656a1da529cd50aa7856ceb

Request headers

Referer
https://employee.airpainters.com/shared/skins/default/styles/screen.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:29 GMT
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
"662a57d3-1bc5c"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
113756
tt0142m_-webfont.woff
employee.airpainters.com/shared/skins/default/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/shared/skins/default/fonts/tt0142m_-webfont.woff
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/shared/skins/default/styles/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
55a8fb24bef3078e7b250e015d3bec0c825e1677798de4af85c9647cf8332253

Request headers

Referer
https://employee.airpainters.com/shared/skins/default/styles/fonts.css
Origin
https://employee.airpainters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:29 GMT
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
"662a57d3-5c00"
x-powered-by
PleskLin
content-type
application/font-woff
accept-ranges
bytes
content-length
23552
futurastd-medium-webfont.woff
employee.airpainters.com/shared/skins/default/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/shared/skins/default/fonts/futurastd-medium-webfont.woff
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/shared/skins/default/styles/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
4e116510dde435d19b20e6e2a38e51e23a811073bd59ea383e8bf2f4bcbda255

Request headers

Referer
https://employee.airpainters.com/shared/skins/default/styles/fonts.css
Origin
https://employee.airpainters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:29 GMT
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
"662a57d3-5814"
x-powered-by
PleskLin
content-type
application/font-woff
accept-ranges
bytes
content-length
22548
futurastd-book-webfont.woff
employee.airpainters.com/shared/skins/default/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/shared/skins/default/fonts/futurastd-book-webfont.woff
Requested by
Host: employee.airpainters.com
URL: https://employee.airpainters.com/shared/skins/default/styles/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
d979f9cf867c9eb0db2185f818eb6e213b125fd8e14037d6ee965033b7ca9378

Request headers

Referer
https://employee.airpainters.com/shared/skins/default/styles/fonts.css
Origin
https://employee.airpainters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:29 GMT
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
etag
"662a57d3-5a90"
x-powered-by
PleskLin
content-type
application/font-woff
accept-ranges
bytes
content-length
23184
js
www.googletagmanager.com/gtag/ 		327 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HQ17RN3L1Y&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59B3D46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb1a84422b8992582d10e02c736933cee9aba47c8eda8470c1f5b23791abdab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
109461
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 23 Aug 2024 12:20:29 GMT
4092600.js
js.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/4092600.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59B3D46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b67f9fa3350b5af8024232f2d4d321e92c2012424512c5d657047ccdf178312
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
4c546faf-cccd-42c1-925a-9518464a54c7
x-envoy-upstream-service-time
28
content-length
638
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
4c546faf-cccd-42c1-925a-9518464a54c7
last-modified
Fri, 23 Aug 2024 12:20:30 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://employee.airpainters.com
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-78c8468c8b-gtldv
access-control-allow-credentials
true
cache-control
public, max-age=90
accept-ranges
bytes
cf-ray
8b7b0e97084b21bb-MIA
expires
Fri, 23 Aug 2024 12:22:00 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-HQ17RN3L1Y&gtm=45je48l0v9101864070z8813030698za200zb813030698&_p=1724415629057&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=930889668.1724415630&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724415629&sct=1&seg=0&dl=https%3A%2F%2Femployee.airpainters.com%2Findex.php%3Fp%3DLogin&dt=Air%20Painters%20-%20Niagara%27s%20Commercial%20and%20Institutional%20Painter&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2681
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HQ17RN3L1Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2024 12:20:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://employee.airpainters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fb.js
js.hsadspixel.net/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4092600.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e65bb6e555dfd57aa1b16c0bc6174b442a03e0fe9b9957c879ab69294dc5764a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:30 GMT
content-encoding
gzip
via
1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
x-amz-version-id
pOscxhdU0l3Ndyv0BYVfY8s0BEhlRjr9
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
cf5640c8-aacf-41cf-9912-6076597e0851
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.576/bundles/pixels-release.js&cfRay=8b73885288b30800-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age
173
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
cf5640c8-aacf-41cf-9912-6076597e0851
last-modified
Thu, 22 Aug 2024 14:15:20 UTC
server
cloudflare
etag
W/"73bb50ec67e54dc95fd354ea4f33b57f"
vary
accept-encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-xgqk6
cf-ray
8b7b0e990dbb2576-MIA
x-amz-cf-id
ZC9-hgJxlzJomYg1kAOk5SRQa0Iu2Y_iok6m7gVQXiGO6vK3sRGCJg==
x-hs-target-asset
adsscriptloaderstatic/static-1.576/bundles/pixels-release.js
collectedforms.js
js.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4092600.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://employee.airpainters.com/
Origin
https://employee.airpainters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.586/bundles/project.js&cfRay=8b7b0e9a7a43a669-EWR
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"ac41634810840adc02ea51748cb19c2f"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
collected-forms-embed-js/static-1.586/bundles/project.js
date
Fri, 23 Aug 2024 12:20:30 GMT
x-amz-version-id
FCxgV_B3nWescR00el0uV0Hdj2lazDBZ
x-content-type-options
nosniff
cf-cache-status
EXPIRED
via
1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
378bfb09-b135-4589-99ce-a17cd184476d
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
8
x-evy-trace-route-configuration
listener_https/all
x-request-id
378bfb09-b135-4589-99ce-a17cd184476d
last-modified
Tue, 23 Jul 2024 12:55:20 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-2hxmr
cf-ray
8b7b0e9a7a43a669-MIA
x-amz-cf-id
qmB684Tw_otD3Gjjxiatc2V1ybl4CKoN7VJcrKO7GFmp6fGeq_nqIQ==
4092600.js
js.hs-analytics.net/analytics/1724415600000/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1724415600000/4092600.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4092600.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de24f736ee8fd0ffcd1ea39bbff1016c51d9e049622efdff65eacbcee377f9cb

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:30 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
F8ATEV8163MKQP3T
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
f9e572c2-9aa1-4e9f-afb1-65d261646511
x-envoy-upstream-service-time
32
x-amz-id-2
B3XnYBBoopP19jJcNRgF6eV8UxQAzFMmMrqtnI2yj963cmrmQ0L3xKfHL++roQOCqT2jmPLIjDvXmrzrNHfUX8kDyv037SQ0J2ifH/Wt+mU=
x-evy-trace-listener
listener_https
x-request-id
f9e572c2-9aa1-4e9f-afb1-65d261646511
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 22 Aug 2024 10:20:48 GMT
server
cloudflare
etag
W/"0f894f1916be303aa32f5f5e51cc886a"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-wgwsj
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8b7b0e9a7d5e228a-MIA
expires
Fri, 23 Aug 2024 12:25:30 GMT
banner.js
js.hs-banner.com/v2/4092600/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/4092600/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4092600.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cd2d136b28b0225becec8f46bffc563b78000db9f0c75e57310d9fff50f8a8f

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:30 GMT
x-amz-version-id
9oBg7mmkIxTjXTWG3TWt4HRl8z1FNGRw
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
YDCKXZ7W2SJQVSJK
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
6774caab-066b-491b-86bd-0462854de9dd
x-envoy-upstream-service-time
227
x-amz-id-2
cAuzJK0AppLAXBhcdx1HztAKVjk2Fxqymwb7Y6YcCe7+abTLhm3/Jm1JVZvsK3NtexI8AJJE8qM=
x-evy-trace-listener
listener_https
x-request-id
6774caab-066b-491b-86bd-0462854de9dd
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 22 Apr 2024 12:06:00 GMT
server
cloudflare
etag
W/"d2617ebc7ec91f3dc31cad7ec0c569d7"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.airpainters.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-gtkxs
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8b7b0e9a7e46336a-MIA
expires
Fri, 23 Aug 2024 12:25:30 GMT
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		134 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=4092600&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d5d775f3d4fbda90922a7d6c8e7fdad26557632ebf2cacc3aa1966078c17904
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
3aec3450-8b6a-488a-a0d4-0f9058d032b9
x-envoy-upstream-service-time
12
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3aec3450-8b6a-488a-a0d4-0f9058d032b9
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://employee.airpainters.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-n2bh8
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
8b7b0e9bebf0a669-MIA
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 		115 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=4092600
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f36c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dcb3f29fcd127c8426713638d90f7de0e1057cbfcfeec35a591018a9562997b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
189108d6-2700-4a31-9f5f-8fcf8356e59e
content-encoding
br
x-envoy-upstream-service-time
11
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
189108d6-2700-4a31-9f5f-8fcf8356e59e
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://employee.airpainters.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-78c8468c8b-rpgjp
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jJk%2F3oVv8nEyyN2MBOHoGrYUs7I5wBoWNjTE1JGZB%2BdrM175VTg0a5WQwYzVqi1l2YdyqkMMEH7e9l0phdqob3GYJM8tKgzYEt%2BpBluBosiRgdDvt7%2Fap45U0EBfIHazkrrLH8Gjlh8BRiJC"}],"group":"cf-nel","max_age":604800}
cf-ray
8b7b0e9c6dcfda23-MIA
access-control-allow-headers
*
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=880384190&v=1.1&a=4092600&rcu=http%3A%2F%2Fwww.airpainters.com%2Findex.php%3Fp%3DLogin&pu=https%3A%2F%2Femployee.airpainters.com%2Findex.php%3Fp%3DLogin&t=Air+Painters+-+Niagara%27s+Commercial+and+Institutional+Painter&cts=1724415630699&vi=ca0caea8c8ecc3868379a6048686faed&nc=true&u=123839061.ca0caea8c8ecc3868379a6048686faed.1724415630688.1724415630688.1724415630688.1&b=123839061.1.1724415630688&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
68fe75dc-e223-4c51-8262-4996badda179
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
9
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
68fe75dc-e223-4c51-8262-4996badda179
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UTqlO%2Bj1q5WWSp9CAn233614XJezWoaf47Moinya5vWTm%2FUwf8eYcCpGS2TtAFHiyMML%2B34J4pAqoHCzs1uoEOpFZ7QZK7sq4UxWlAzEPD5ghkImNOV3MfL50nYk2aMa%2Bm2Nrt%2FfznMZohCsYIJC"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-gjf7m
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
8b7b0e9c88a09acb-MIA
x-robots-tag
none
favicon.ico
employee.airpainters.com/ 		318 B
497 B 		Other
General
Check archive.org
Download Go to
Full URL
https://employee.airpainters.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.3.215.57 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
ad5041676512f4be9ecdd3650fcee7206cdc7f93de8caa58f71d645dcffb303b

Request headers

Referer
https://employee.airpainters.com/index.php?p=Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:30 GMT
last-modified
Thu, 25 Apr 2024 13:17:07 GMT
server
nginx
x-accel-version
0.01
etag
"13e-616eb9a9c9692"
x-powered-by
PleskLin
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
content-length
318
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
5ad4cfcb-468b-4639-83aa-1e24dbe9dbc8
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5ad4cfcb-468b-4639-83aa-1e24dbe9dbc8
server
cloudflare
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-c6g9r
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
8b7b0e9ccba3a52a-MIA
js
www.googletagmanager.com/gtag/ 		243 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-752682333
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0ed0b95cfdaf5d71d2749d597772ff510f327183d38d2c1c1b48b94d511125da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88252
x-xss-protection
0
last-modified
Fri, 23 Aug 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Aug 2024 12:20:30 GMT
js
www.googletagmanager.com/gtag/ 		243 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-752682333&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59B3D46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fb4691e77f16a45e1afbb93475f6831bd4c48c09c94f96ae9afef68e444faf0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 12:20:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88330
x-xss-protection
0
last-modified
Fri, 23 Aug 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Aug 2024 12:20:30 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/752682333/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752682333/?random=1724415631146&cv=11&fst=1724415631146&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb813030698&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Femployee.airpainters.com%2Findex.php%3Fp%3DLogin&hn=www.googleadservices.com&frm=0&tiba=Air%20Painters%20-%20Niagara%27s%20Commercial%20and%20Institutional%20Painter&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1466473221.1724415630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-752682333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
1a2d80170e3c3dafc40f1fa92bb864fabda7576870ddc37d218514410333b81e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2024 12:20:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1421
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
752682333
td.doubleclick.net/td/rul/ Frame 2FC0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/752682333?random=1724415631146&cv=11&fst=1724415631146&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb813030698&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Femployee.airpainters.com%2Findex.php%3Fp%3DLogin&hn=www.googleadservices.com&frm=0&tiba=Air%20Painters%20-%20Niagara%27s%20Commercial%20and%20Institutional%20Painter&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1466473221.1724415630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-752682333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employee.airpainters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Aug 2024 12:20:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/752682333/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/752682333/?random=1724415631146&cv=11&fst=1724414400000&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb813030698&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Femployee.airpainters.com%2Findex.php%3Fp%3DLogin&hn=www.googleadservices.com&frm=0&tiba=Air%20Painters%20-%20Niagara%27s%20Commercial%20and%20Institutional%20Painter&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1466473221.1724415630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfAXSvyDuUoDLovrEHBNE2iqy5zlaoEw&random=3446268395&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.4 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2024 12:20:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-HQ17RN3L1Y&gtm=45je48l0v9101864070za200zb813030698&_p=1724415629057&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=930889668.1724415630&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1724415629&sct=1&seg=0&dl=https%3A%2F%2Femployee.airpainters.com%2Findex.php%3Fp%3DLogin&dt=Air%20Painters%20-%20Niagara%27s%20Commercial%20and%20Institutional%20Painter&en=scroll&epn.percent_scrolled=90&_et=56&tfd=7768
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HQ17RN3L1Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://employee.airpainters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2024 12:20:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://employee.airpainters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/js/250/addthis_widget.js

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery object| swfobject object| dataLayer function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| _hsp boolean| PIXELS_RAN object| enabledEventSettings object| _hsq object| __hsCollectedFormsDebug object| _paq function| sanitizeKey boolean| _hstc_loaded object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime object| GooglebQhCsO

13 Cookies

Domain/Path Name / Value
employee.airpainters.com/ Name: PHPSESSID
Value: 749h98aip1s6vbot9uee57jkp5
.airpainters.com/ Name: _gcl_au
Value: 1.1.1466473221.1724415630
.airpainters.com/ Name: _ga
Value: GA1.1.930889668.1724415630
.airpainters.com/ Name: _ga_HQ17RN3L1Y
Value: GS1.1.1724415629.1.0.1724415630.0.0.0
.airpainters.com/ Name: __hstc
Value: 123839061.ca0caea8c8ecc3868379a6048686faed.1724415630688.1724415630688.1724415630688.1
.airpainters.com/ Name: hubspotutk
Value: ca0caea8c8ecc3868379a6048686faed
.airpainters.com/ Name: __hssrc
Value: 1
.airpainters.com/ Name: __hssc
Value: 123839061.1.1724415630688
.hsforms.com/ Name: __cf_bm
Value: .x5H4vIekKZ9aYHWM3mD5n5rjs_rjfz5GoJJo5_UnqA-1724415630-1.0.1.1-T1ECnFhgOOTdsvBfIb2qrgQ7kjd_rt2MuaplEqlix0dw_C6ovWutaNJbE3yspGHVQjXWYQQknsAcprPMybvnTA
.hsforms.com/ Name: _cfuvid
Value: mcFmD4WJ3CGd09VuAYEgAu8WAXf40.5Bn2ThG1kaQYs-1724415630889-0.0.1.1-604800000
.hubspot.com/ Name: __cf_bm
Value: C8PkZg6l_t7WZDi4dcKwowQ9ZcBJLGAVMrKkpZ72hsg-1724415630-1.0.1.1-ho__yN3idZmtNKUiNFV4fYb5caRRqXJfQWfVfxgDEzh6xJnrG6KTZNDzrUlvTLmOjPr1WlWRXFE_9dTU0.3ZqA
.hubspot.com/ Name: _cfuvid
Value: KqELOxEGhmHv9KRCBTy9IpuiamH.3oq4BBmpvv.dx1k-1724415630931-0.0.1.1-604800000
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://employee.airpainters.com/index.php?p=Login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.hubapi.com
employee.airpainters.com
forms.hscollectedforms.net
forms.hsforms.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
s7.addthis.com
td.doubleclick.net
track.hubspot.com
www.employee.airpainters.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
s7.addthis.com
104.19.175.188
142.250.81.232
142.251.40.162
142.251.41.4
2606:4700:4400::ac40:9310
2606:4700::6810:6ffe
2606:4700::6810:7674
2606:4700::6810:8ad1
2606:4700::6810:a0a8
2606:4700::6811:df98
2606:4700::6812:f36c
2607:f8b0:4006:816::200a
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::200e
72.3.215.57
03ebd3c70a135c86f132918c39ecc738a28d1899ae3fd6a55c01af79422ff5b0
052b2958a7857fe99fabf2837cc792e0aad862373b69a120e12ce99e80801bf8
0dcb3f29fcd127c8426713638d90f7de0e1057cbfcfeec35a591018a9562997b
0ed0b95cfdaf5d71d2749d597772ff510f327183d38d2c1c1b48b94d511125da
0f88ce8a9c21111ca015ae88c7ede49b480217d541364215b200cb3e773c2aa9
1a2d80170e3c3dafc40f1fa92bb864fabda7576870ddc37d218514410333b81e
1c2866e7fb7a11f53a088e8c7cb8a0d7afbff69e9d81ed43b81b9697ba18085f
227473d73f14b0c3b32fbff5331d5516996db29d2656a1da529cd50aa7856ceb
2523eb1678dac9bff7ff2bf2329ac7fb8764ca1bfb22fef8d7f11d9fa4763729
4e116510dde435d19b20e6e2a38e51e23a811073bd59ea383e8bf2f4bcbda255
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a8fb24bef3078e7b250e015d3bec0c825e1677798de4af85c9647cf8332253
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b67f9fa3350b5af8024232f2d4d321e92c2012424512c5d657047ccdf178312
6b8c21fb583f657c1c1d3222e9b43e13016a4d5c0e1075df148bbd484da28a32
6cd2d136b28b0225becec8f46bffc563b78000db9f0c75e57310d9fff50f8a8f
7d5d775f3d4fbda90922a7d6c8e7fdad26557632ebf2cacc3aa1966078c17904
a0197944d70fd5595ddf3488dc019bace672e99899d637290d4ad6b63a8eda68
aad4f11790ae41d11a7c7bb613b9f82206f37eb4894966fe15e5f880c5d9b72a
ad5041676512f4be9ecdd3650fcee7206cdc7f93de8caa58f71d645dcffb303b
ba8d8a5414a5284ad27d60956265dac516c1ad035e23908fb804c0c5dd154433
bb1a84422b8992582d10e02c736933cee9aba47c8eda8470c1f5b23791abdab1
bddbba35635904eca1d7f9edc74bdbcba04ec0f5a16286fdbd8f78fb0f7e0c6f
beb3565144502f96c2a72afed3de4c05bd4ae1b7b94853cdab8a86c230672bcc
bf86020f7f345ba24f5190edffe444d9800a53de42f3af3abf51c103bc39bd31
c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f
d979f9cf867c9eb0db2185f818eb6e213b125fd8e14037d6ee965033b7ca9378
dacb6198f9a3d43410c9d5f32517f74d45e67e0c2b427e850a98ba618ee6d0b8
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de24f736ee8fd0ffcd1ea39bbff1016c51d9e049622efdff65eacbcee377f9cb
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e42e81910b15f48d5c97268c0091e0c54beb6799dbf0b2b3ee50d780d21edce4
e65bb6e555dfd57aa1b16c0bc6174b442a03e0fe9b9957c879ab69294dc5764a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef98f9f5738b68fce852eced1eaebf8192cf53e6804df212738637924ab9f60c
f0029218b7b2f4b1cec82cf3f7850efca4dc09d6643889a28fa5ef8142b9fb8a
fb4691e77f16a45e1afbb93475f6831bd4c48c09c94f96ae9afef68e444faf0f
fd574f9c51b054fdf933dee75f8a144a2a702b208e08aede669f19f5146e48fa