Overview

URL: www.newsandpromotions.com/tracking/8539
IP: 34.117.221.220 (United States)
ASN: #15169 GOOGLE
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-12-09 08:06:45 UTC
IDS alerts: 0
Blocklist alert: 59
urlquery alerts: No alerts detected
Tags: None

Domain Summary (53)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
track.ecampaignstats.com (1) 66269 2014-04-05 13:42:34 UTC 2022-12-09 07:12:01 UTC 209.148.95.13
ocsp.pki.goog (18) 175 2017-06-14 07:23:31 UTC 2022-12-08 17:12:01 UTC 142.250.74.131
maps.googleapis.com (3) 33876 2012-05-22 14:23:23 UTC 2022-12-08 17:13:30 UTC 216.58.207.202
trc.taboola.com (1) 602 2012-12-27 11:54:42 UTC 2022-12-08 17:14:59 UTC 151.101.1.44
psp.pushnami.com (2) 16030 2018-07-03 13:16:20 UTC 2022-12-08 09:50:45 UTC 3.216.213.114
cm.g.doubleclick.net (2) 202 2012-05-22 09:58:28 UTC 2022-12-08 17:29:34 UTC 142.250.74.66
r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-12-08 17:12:06 UTC 95.101.11.115
img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-12-08 15:50:00 UTC 34.120.237.76
www.googletagmanager.com (1) 75 2012-10-04 01:07:32 UTC 2022-12-08 17:14:43 UTC 142.250.74.8
www.google.com (1) 7 2012-11-08 00:08:21 UTC 2022-12-08 17:22:52 UTC 142.250.74.164
www.google.no (1) 25607 2012-06-26 23:22:08 UTC 2022-12-08 17:14:59 UTC 142.250.74.163
in.hotjar.com (1) 1746 2018-07-03 09:33:18 UTC 2022-12-08 17:15:43 UTC 99.80.16.123
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-08 17:21:04 UTC 34.160.144.191
www.google-analytics.com (3) 40 2012-05-21 09:41:50 UTC 2022-12-08 17:20:06 UTC 142.250.74.14
ws30.hotjar.com (2) 63526 2022-01-04 16:30:29 UTC 2022-12-09 03:14:09 UTC 54.76.78.98
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2022-12-08 17:12:32 UTC 35.241.9.150
api.pushnami.com (4) 3782 2017-05-12 22:45:10 UTC 2022-12-08 17:27:34 UTC 54.230.111.33
rtxpx-a.akamaihd.net (1) 87970 2019-09-06 20:03:22 UTC 2022-12-08 09:17:03 UTC 95.101.10.33
rtclx.com (1) 17838 2017-12-28 23:12:31 UTC 2022-12-08 09:17:17 UTC 23.22.38.158
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-08 17:14:01 UTC 34.117.237.239
maps.googleapis.com (3) 33876 2012-05-22 14:23:23 UTC 2022-12-08 17:13:30 UTC 142.250.74.106
developers.google.com (1) 12980 2012-06-04 12:32:46 UTC 2022-12-08 17:38:50 UTC 142.250.74.174
cdn.fqtag.com (1) 18775 2018-05-30 14:51:44 UTC 2022-12-08 23:36:45 UTC 35.190.36.172
stickyid-a.akamaihd.net (1) 94008 2019-06-02 10:14:21 UTC 2022-12-08 09:17:04 UTC 23.36.76.144
a.remarketstats.com (1) 38181 2012-11-23 02:54:21 UTC 2022-12-08 07:28:10 UTC 104.26.3.122
ocsp.sca1b.amazontrust.com (4) 1015 2016-02-14 02:37:56 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
api.pushnami.com (4) 3782 2017-05-12 22:45:10 UTC 2022-12-08 17:27:34 UTC 54.230.111.53
cardealsnearyou.com (2) 299873 2020-08-31 21:49:09 UTC 2022-12-08 22:50:27 UTC 8.38.122.197
ag.gbc.criteo.com (1) 5925 2018-12-17 13:17:41 UTC 2022-12-08 14:20:47 UTC 178.250.6.133
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-08 17:20:00 UTC 34.208.31.97
fonts.gstatic.com (4) 0 2014-04-02 10:51:04 UTC 2022-12-08 17:14:55 UTC 142.250.74.35 Domain (gstatic.com) ranked at: 540
sb.scorecardresearch.com (2) 134 2021-05-05 22:31:54 UTC 2022-12-08 17:38:15 UTC 143.204.55.8
c.fqtag.com (2) 34931 2014-11-23 11:03:12 UTC 2022-12-09 07:34:00 UTC 35.190.72.161
trc.pushnami.com (2) 3888 2018-10-23 06:56:12 UTC 2022-12-08 20:15:46 UTC 54.158.100.145
ocsp.r2m01.amazontrust.com (1) 0 2022-10-12 20:43:53 UTC 2022-12-08 17:23:26 UTC 54.230.80.227 Domain (amazontrust.com) ranked at: 581
secure.adnxs.com (1) 396 2012-05-22 16:37:37 UTC 2022-12-08 17:12:02 UTC 185.89.211.116
cdn.taboola.com (4) 1040 2013-07-19 23:48:03 UTC 2022-12-08 17:12:48 UTC 151.101.1.44
gum.criteo.com (4) 381 2015-01-22 10:58:57 UTC 2022-12-08 17:15:40 UTC 178.250.2.146
www.cardealsnearyou.com (116) 300285 2022-06-02 19:08:18 UTC 2022-12-09 07:12:04 UTC 8.38.122.197
stats.g.doubleclick.net (1) 96 2012-07-01 17:13:23 UTC 2022-12-08 17:14:59 UTC 108.177.14.154
x.bidswitch.net (2) 286 2012-10-03 23:30:53 UTC 2022-12-08 17:12:21 UTC 3.126.197.232
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-12-08 17:12:10 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
ocsp.digicert.com (9) 86 2012-05-21 07:02:23 UTC 2022-12-08 17:15:52 UTC 93.184.220.29
pixel.tapad.com (1) 400 2012-10-01 07:23:01 UTC 2022-12-08 17:13:50 UTC 35.227.248.159
trc-events.taboola.com (2) 1779 2020-06-09 13:52:57 UTC 2022-12-08 17:20:01 UTC 141.226.228.48
dnacdn.net (2) 3760 2019-09-02 15:07:45 UTC 2022-12-08 17:18:04 UTC 178.250.0.157
a.clickcertain.com (10) 3511 2012-11-04 13:43:29 UTC 2022-12-08 07:28:11 UTC 172.67.74.207
aux.fqtag.com (1) 19371 2019-08-05 18:31:42 UTC 2022-12-08 23:36:46 UTC 35.190.13.203
script.hotjar.com (1) 887 2020-11-05 10:02:45 UTC 2022-12-08 17:12:53 UTC 143.204.55.46
www.newsandpromotions.com (1) 66587 2014-04-04 17:52:37 UTC 2022-12-09 07:12:03 UTC 34.117.221.220
rdcdn.com (3) 64936 2015-03-10 15:50:25 UTC 2022-12-09 01:15:54 UTC 52.22.161.40
i.liadm.com (1) 511 2016-05-04 14:21:08 UTC 2022-12-08 17:16:42 UTC 44.209.26.9
fonts.googleapis.com (2) 8877 2012-05-23 12:41:44 UTC 2022-12-08 17:12:12 UTC 142.250.74.106

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/contact-form-7/includes/css/styl (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-includes/css/dist/block-library/style.min.css?ve (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/stm_vehicles_listing/assets/css/ (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/stm-motors-extends/nuxy/metaboxe (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/stm-megamenu/assets/css/megamenu (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/style.css?ver=5.1.2 Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/stm-aircrafts-f (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/listing_two/ico (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/rental/icons.cs (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/motors-vin-decoder//assets/css/s (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/motors-vin-decoder/assets/img/vi (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/classie.js?ver=5.1.2 Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/select2.min.css (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/jquery-ui.css?v (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/jquery.cookie.js (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/jquery.touch.pun (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/jquery.stmdatet (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/js_composer/assets/lib/bower/fon (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/app-user-sidebar (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/animation.css?v (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/dist/headers/he (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/js_composer/assets/lib/bower/fon (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/revslider/public/assets/css/rs6. (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/stm_vehicles_listing/assets/js/f (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/stm_vehicles_listing/assets/js/f (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/js_composer/assets/css/js_compos (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/stm-google-place (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/lazyload.js?ver=5.1.2 Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/jquery.countdown (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/cookie-notice/js/front.min.js?ve (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/app-header-scrol (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/contact-form-7/includes/swv/js/i (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/stm_vehicles_listing/assets/js/f (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/sell-a-car.js?ve (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/contact-form-7/includes/js/index (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/js_composer/assets/lib/bower/skr (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/lg-video.js?ver=5.1.2 Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/js_composer/assets/js/dist/js_co (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/bootstrap.min.js (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/dynamic-content-for-elementor/as (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/select2.full.min (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/app-ajax.js?ver=5.1.2 Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/stm_vehicles_listing/assets/js/f (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/typeahead.jquery (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/revslider/public/assets/js/rbtoo (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/stm_dt_picker.js (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/uploads/2021/03/02.jpg?id=1747 Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/stm-motors-extends/nuxy/metaboxe (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/service-worker.js Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/js_composer/assets/lib/bower/fon (...) Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/uploads/2022/02/01.jpeg?id=6230 Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/plugins/stm_vehicles_listing/assets/js/f (...) Phishing
2022-12-09 2 cardealsnearyou.com/wp-json/acf/v3/options/options/ Phishing
2022-12-09 2 www.cardealsnearyou.com/service-worker.js Phishing
2022-12-09 2 cardealsnearyou.com/wp-json/acf/v3/options/options/ Phishing
2022-12-09 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/dist/app.css?ve (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.117.221.220
Date UQ / IDS / BL URL IP
2022-12-18 09:31:40 +0000 0 - 0 - 53 www.newsandpromotions.com/tracking/8305 34.117.221.220
2022-12-18 09:08:02 +0000 0 - 0 - 55 www.newsandpromotions.com/tracking/8318 34.117.221.220
2022-12-17 10:34:29 +0000 0 - 0 - 56 www.newsandpromotions.com/tracking/8344 34.117.221.220
2022-12-16 08:30:42 +0000 0 - 0 - 58 www.newsandpromotions.com/tracking/8617 34.117.221.220
2022-12-15 07:54:18 +0000 0 - 0 - 60 www.newsandpromotions.com/tracking/8539 34.117.221.220


Last 5 reports on ASN: GOOGLE
Date UQ / IDS / BL URL IP
2023-01-29 06:17:01 +0000 0 - 9 - 3 56373838.blogspot.be/ 172.217.21.161
2023-01-29 06:16:57 +0000 0 - 0 - 1 vitalsparkenergy.com/html/Odrivex 34.102.136.180
2023-01-29 06:16:52 +0000 0 - 2 - 0 e-boksdk.blogspot.co.il/2021/04/blog-post.html 172.217.21.161
2023-01-29 06:14:07 +0000 0 - 0 - 3 valpcomchiarec1982.blogspot.com/ 172.217.21.161
2023-01-29 06:12:44 +0000 0 - 0 - 1 rabbireport.com/mw/public_html/webmail/webmai (...) 34.102.136.180


Last 5 reports on domain: newsandpromotions.com
Date UQ / IDS / BL URL IP
2023-01-26 20:55:39 +0000 0 - 24 - 55 www.newsandpromotions.com/tracking/8383 35.227.209.77
2023-01-26 10:03:35 +0000 0 - 24 - 56 www.newsandpromotions.com/tracking/8513 35.227.209.77
2023-01-25 07:53:10 +0000 0 - 0 - 58 www.newsandpromotions.com/tracking/8461 35.227.209.77
2023-01-18 20:05:43 +0000 0 - 0 - 58 www.newsandpromotions.com/tracking/8825 35.227.209.77
2023-01-18 20:01:59 +0000 0 - 0 - 56 www.newsandpromotions.com/tracking/8539 35.227.209.77


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-18 20:01:59 +0000 0 - 0 - 56 www.newsandpromotions.com/tracking/8539 35.227.209.77
2022-12-29 08:35:06 +0000 0 - 24 - 58 www.newsandpromotions.com/tracking/8565 35.227.209.77
2022-12-28 08:27:42 +0000 0 - 24 - 58 www.newsandpromotions.com/tracking/8396 35.227.209.77
2022-12-27 07:42:17 +0000 0 - 24 - 56 www.newsandpromotions.com/tracking/8812 35.227.209.77
2022-12-22 19:28:12 +0000 0 - 24 - 0 www.newsandpromotions.com/tracking/8383 35.227.209.77

JavaScript

Executed Scripts (99)

Executed Evals (25)
#1 JavaScript::Eval (size: 20) - SHA256: f83271bbf9f61f53799bbe1ea9aa015e44b5b2ab3d7a94605b3aa390d2bfbc59
(function x() {})[-6]
#2 JavaScript::Eval (size: 7) - SHA256: 05f06428ae6926ccb3847eac1c4adbe310cdeb3f5db585f26c2b9bb7887bff03
!+'\v1'
#3 JavaScript::Eval (size: 130) - SHA256: 03bd9cf01c2441a28010a255b5c86f69e05407e3ceb6c4fe1603d80e2433c6c5
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(13).indexOf(google_tag_manager["GTM-N68RHD7"].macro(15)) ? !0 : !1
})();
#4 JavaScript::Eval (size: 113) - SHA256: ca1582320c12eedbe87181d93fc1a21f4514850f621f2a46c5181ce50a0169b2
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(28).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#5 JavaScript::Eval (size: 14) - SHA256: 0510de046e8325540849bad09f31eaaa3e9256fafd330c5d57327dc948812a33
/*@cc_on!@*/ !1
#6 JavaScript::Eval (size: 129) - SHA256: 09914abbb5814b03cf166fab290a18295b467616498f33d602598aea91b67a12
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(8).indexOf(google_tag_manager["GTM-N68RHD7"].macro(10)) ? !0 : !1
})();
#7 JavaScript::Eval (size: 18) - SHA256: 0f3342bc14063d9ed7a669eb067b50ea17b2cb7dcb51968939b72fa9ac862d91
var foo = (x) => x + 1
#8 JavaScript::Eval (size: 113) - SHA256: 4ee6a40ea30771a561972c1659c8fa5ee08cd1db127eaadcb3334923ea6b4acf
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(33).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#9 JavaScript::Eval (size: 128) - SHA256: ab56d0ee9925bde1d48c8ddb280506b51c52c52e0d54d5ea65e67ce04fd33b93
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(5).indexOf(google_tag_manager["GTM-N68RHD7"].macro(7)) ? !0 : !1
})();
#10 JavaScript::Eval (size: 113) - SHA256: 9612617e766bf906cd029e512f6e0e96d9961630b36f88abf4bb6649682d67f1
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(23).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#11 JavaScript::Eval (size: 4) - SHA256: 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408
this
#12 JavaScript::Eval (size: 113) - SHA256: 62fdae530d88408b1cc4946eecd70fda26cae40808523e8e139628cb67247a07
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(14).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#13 JavaScript::Eval (size: 112) - SHA256: f329ec79ac2033511a82eb0a5011170218b09f419a501f3c4230f0a9ca8b04a2
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(9).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#14 JavaScript::Eval (size: 112) - SHA256: a537b5f7b661a7e03cf06c3bdebcd9f3dd0e8914091757ca1eb4933dfdf06c69
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(6).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#15 JavaScript::Eval (size: 113) - SHA256: a10d3709e42f6d883af0aade11821a363fbea8b92dbab82ca3441438062e776b
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(19).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#16 JavaScript::Eval (size: 17) - SHA256: 17f5bfdbae6b35ae8bc3b27c069526d694021fe1e37a8027678e770fbb05e061
/*@cc_on!@*/
false
#17 JavaScript::Eval (size: 20) - SHA256: 989aee59bc8b1d209d85b911b79e19acbd4f38b57f507a32a8824db502e689e0
(function x() {})[-5]
#18 JavaScript::Eval (size: 112) - SHA256: 8008b1b37a49037f1b4e504c18e8c4bd357026b0c666c273d14350424105217b
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(3).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#19 JavaScript::Eval (size: 128) - SHA256: 07fefc4a42c2422b8cc74180566c65218f9d29f8d68c34ad63e3197b354f963d
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(2).indexOf(google_tag_manager["GTM-N68RHD7"].macro(4)) ? !0 : !1
})();
#20 JavaScript::Eval (size: 130) - SHA256: 5d80c41a99ad13a8b59d65b8faba825421f3c425d5fe5bf8a84aee053cae9cf5
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(22).indexOf(google_tag_manager["GTM-N68RHD7"].macro(24)) ? !0 : !1
})();
#21 JavaScript::Eval (size: 130) - SHA256: 029892b62365a5a46c975a9f9b27a18c91e06aa58b22c26f117b95fa93632520
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(32).indexOf(google_tag_manager["GTM-N68RHD7"].macro(34)) ? !0 : !1
})();
#22 JavaScript::Eval (size: 31) - SHA256: 83ba63efde4d727ac5babaea99f131c7a173c43d8ba138525523e267bf5f19c9
window.location.ancestorOrigins
#23 JavaScript::Eval (size: 11) - SHA256: f587a8350df0c0f85a945195aac9f88d92f340e865a2e7fb23ad516da6623618
'\v' == 'v'
#24 JavaScript::Eval (size: 130) - SHA256: 898a0daeb2368d3466ec1d02d0638264b0cfec3bee7fbfe1c755bf4c6f853680
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(18).indexOf(google_tag_manager["GTM-N68RHD7"].macro(20)) ? !0 : !1
})();
#25 JavaScript::Eval (size: 130) - SHA256: de7f0db937335d77f276ef125fc2050929d3bc0c6c51f1ebbed3b8998ffb0a3a
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(27).indexOf(google_tag_manager["GTM-N68RHD7"].macro(29)) ? !0 : !1
})();

Executed Writes (0)


HTTP Transactions (246)


Request Response
                                        
GET /tracking/8539 HTTP/1.1
Host: www.newsandpromotions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

34.117.221.220
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Dec 2022 08:06:32 GMT
Server: Apache
Set-Cookie: _xTID=8539; expires=Fri, 09-Dec-2022 08:11:32 GMT; Max-Age=300; path=/; domain=newsandpromotions.com _xSID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=newsandpromotions.com
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Location: http://track.ecampaignstats.com/lprd/trk.php?TID=8539
Vary: User-Agent
Content-Length: 0
X-Varnish: 47495980
Age: 0
X-Cacheable: NO:Logged in/Got Sessions
Via: 1.1 varnish (Varnish/6.0), 1.1 google

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5826
Expires: Fri, 09 Dec 2022 09:43:39 GMT
Date: Fri, 09 Dec 2022 08:06:33 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18836
Expires: Fri, 09 Dec 2022 13:20:29 GMT
Date: Fri, 09 Dec 2022 08:06:33 GMT
Connection: keep-alive

                                        
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

35.241.9.150
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 07:08:17 GMT
age: 3496
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    bf0c602d32b3c14606f22a86183b5e3c
Sha1:   6eabd8d83475eba731968abe1a05a8bfd272f160
Sha256: 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9149
Expires: Fri, 09 Dec 2022 10:39:02 GMT
Date: Fri, 09 Dec 2022 08:06:33 GMT
Connection: keep-alive

                                        
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: WpfTqj3XrCWQaDdMZqnTnehisLBLCJzfFwQua5zbJL5kYd8YnQ6Alolo7lBDypbaF08Ad3S9YLM=
x-amz-request-id: M4R7351GJHBYMEVF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 07:50:10 GMT
age: 983
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Fri, 09 Dec 2022 08:06:33 GMT
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

35.241.9.150
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 07:07:55 GMT
age: 3518
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 5652
Cache-Control: max-age=95671
Date: Fri, 09 Dec 2022 08:06:33 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:41:04 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
GET /lprd/trk.php?TID=8539 HTTP/1.1
Host: track.ecampaignstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

209.148.95.13
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Dec 2022 08:06:33 GMT
Server: Apache/2.4.52 (Debian)
Set-Cookie: _xTID=8539; expires=Fri, 09-Dec-2022 08:21:33 GMT; Max-Age=900
Location: https://www.cardealsnearyou.com?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content=&utm_term=
Content-Length: 0
Connection: close

                                        
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: b6Sv2U3Nuo93vzAtX/BTcQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

34.208.31.97
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LSn7kGwta4OQKtlnvY7MMksZ+II=

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "D233EDD8F3AA187967DFC53F504900D5F45DC17ABF6A28ABF4E6E5E482ACE174"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21583
Expires: Fri, 09 Dec 2022 14:06:17 GMT
Date: Fri, 09 Dec 2022 08:06:34 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13143
Expires: Fri, 09 Dec 2022 11:45:38 GMT
Date: Fri, 09 Dec 2022 08:06:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13143
Expires: Fri, 09 Dec 2022 11:45:38 GMT
Date: Fri, 09 Dec 2022 08:06:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13143
Expires: Fri, 09 Dec 2022 11:45:38 GMT
Date: Fri, 09 Dec 2022 08:06:35 GMT
Connection: keep-alive

                                        
                                            GET /?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content=&utm_term= HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         8.38.122.197
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
x-b-cache: BYPASS
x-redirect-by: WordPress
set-cookie: stm_visitor_1=57063455; expires=Sun, 08-Jan-2023 08:06:34 GMT; Max-Age=2592000; path=/
location: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
date: Fri, 09 Dec 2022 08:06:34 GMT
server: Apache
X-Firefox-Spdy: h2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 15889
etag: "7558222788f06623ddae6e883413e38e1146281e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7897
Md5:    8c3214044657f3b876d1f1848bca5684
Sha1:   7558222788f06623ddae6e883413e38e1146281e
Sha256: e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4840
x-amzn-requestid: 26914070-22ad-49fd-bacb-7842dcb203b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZPGd-oAMF5OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925907-5c62555a65327ff934ae232e;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gGT6ZP9a7ENOcyGNek_ac8WlyRoiYeB4KdqC2UHHlwLdWBQUhHsw7w==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 22:00:01 GMT
age: 36394
etag: "433e295328d6c821a1df907c232bff4195e2860b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4840
Md5:    34a9b9b25e57f612db5560cd05e44cce
Sha1:   433e295328d6c821a1df907c232bff4195e2860b
Sha256: 139dc677e5725c98a5d90d19b206a34a4c9f43ad87cf1d322881381e992bd5b5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8345
x-amzn-requestid: 4e42c335-cc27-41bc-8d5c-cbe3dcc1f623
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRBF_gIAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-254d38575d76726a4462c66f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z2JMjvOva19O3uj7la6UmjCpwleEyo3y2IfRCp4qp5iuob0AYN9Mng==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:37:33 GMT
age: 70142
etag: "4792b0893827924e84cc51450012407717da4d2b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8345
Md5:    659b6eb1f1c430e2780758c7787b9a23
Sha1:   4792b0893827924e84cc51450012407717da4d2b
Sha256: f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5530
x-amzn-requestid: adecbb8c-cec3-46a0-b32c-0026b8421fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4d8Fg6IAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903abf-4bcb385f27cb438c36a2cd5e;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDD0v-1I1sFVMsJl64nQDe_hHExMrSLXPrbou_J79YEQf3YwS2oklA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 06:50:54 GMT
age: 4541
etag: "0d5969394b370a5c77c53ed58f55e5f8a45da3ab"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5530
Md5:    a22fc7807fb3337f0af5e546c7ad366a
Sha1:   0d5969394b370a5c77c53ed58f55e5f8a45da3ab
Sha256: 98b4f4fd27dc036697fb0328083bce6e691b7493428f3a54991087d9d1165d97
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 54331
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5188
Md5:    fba9a3854df65740512f96efe7442e58
Sha1:   8fbff7725c842d70e047c635a725723a9dc9c55a
Sha256: 6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 13:49:59 GMT
age: 65796
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12748
Md5:    730ba1a8edb79ba6f83b46d1ba5aed7b
Sha1:   55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
Sha256: f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 08:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1845
Cache-Control: max-age=142603
Date: Fri, 09 Dec 2022 08:06:36 GMT
Etag: "63926f62-116"
Expires: Sat, 10 Dec 2022 23:43:19 GMT
Last-Modified: Thu, 08 Dec 2022 23:12:34 GMT
Server: ECS (amb/6B71)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 08:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /maps/api/js?key=AIzaSyDr1xM6IU4fHaTYM8RxC9hoou0Ig_58ITc&libraries=places%2Cdrawing%2Cgeometry&language=en&ver=2.0.1 HTTP/1.1 
Host: maps.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         142.250.74.106
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
date: Fri, 09 Dec 2022 08:06:36 GMT
expires: Fri, 09 Dec 2022 08:36:36 GMT
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 59160
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2447)
Size:   59160
Md5:    6332e5bfdf96cd06430d0d3405d41a1f
Sha1:   57eb99a9b1a7bc32cb7f12ca33ca187e1ac9b5b1
Sha256: 85dbe9d071f23f0bfb45581005f08a9d289dcbe2da174f46542a186ff9b1ee94
                                        
                                            GET /wp-content/plugins/dynamic-content-for-elementor/assets/css/animations.css?ver=2.7.10 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 30 Sep 2022 03:50:02 GMT
etag: "3cfb-5e9dce38493fc-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1551
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1551
Md5:    590881ddb2faca501eb64a1cae756d2a
Sha1:   095a054091ac2d12de37d460b54fac424f406fc1
Sha256: e4ac349500702dcd738cde2fb9eb760d6d11d762e25997a39e3cb9db23ad40a3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 08:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/formidable/css/formidableforms.css?ver=10181831 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 18 Oct 2022 18:31:28 GMT
etag: "c8c4-5eb534ce47ce3-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8583
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (51296)
Size:   8583
Md5:    ea90d24c5f8e265b80412d77c8fe82ce
Sha1:   9aa22159c8a3ad5e7980e8efc9d5ddd692236207
Sha256: 639d7e1e608414d341a42ed372d15f0f18caf92bb9cd946de61f814d711eea01
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 25 Oct 2022 16:45:04 GMT
etag: "aab-5ebdea14c16e2-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 972
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   972
Md5:    8bf268dfcca7cb20719b7ea14373ef4a
Sha1:   58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
Sha256: eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 13 Jul 2022 13:21:17 GMT
etag: "15b64-5e3afa8f72a1e-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11681
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   11681
Md5:    e5548800176e913a9084f47a3e1e04f6
Sha1:   eff4604acc5c26ae82a19188de2f98bf5b79d80c
Sha256: a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/stm_fonts/stm-icon/stm-icon.css?ver=1.0 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 25 Oct 2022 16:53:57 GMT
etag: "18eb-5ebdec10e3351-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1333
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1333
Md5:    bca8508ed19ce66d215162de0dcd5743
Sha1:   538112b87de9de0ca1b5b7e2d446a3244e2f523a
Sha256: b080aba9c0cbdeb630352ebbce2c83a06783a09e4c34d54a0c8e73aa408582ef
                                        
                                            GET /wp-content/plugins/stm_vehicles_listing/assets/css/frontend/owl.carousel.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:14:48 GMT
etag: "e2e-5d9e1308340c7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 899
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3630), with no line terminators
Size:   899
Md5:    0fd6cde7646e79e085a7bcd4e54454e1
Sha1:   6af9258308691fc18f233b3a716bab3d0ef49426
Sha256: 4ba6f1bcf100600b7f2e008c46cc8597916f14c8db378fa507f2daaa3560740d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/stm_vehicles_listing/assets/css/frontend/grid.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:14:48 GMT
etag: "2b33-5d9e13083350f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1444
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (540)
Size:   1444
Md5:    010ba361ace5fbb7d07bd66b3a48cf2a
Sha1:   c60c40f4e72c63363b68ba02a2a19b682041a10f
Sha256: f3edb316d73bcd98551b4d90fb059d3ebf5307852a046a507915fb0d8a7a60b8
                                        
                                            GET /wp-content/plugins/stm_vehicles_listing/assets/css/frontend/lightgallery.min.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:14:48 GMT
etag: "50b4-5d9e130833cdf-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3790
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20660), with no line terminators
Size:   3790
Md5:    b8f5fb406b5dde0528079b1f2957f623
Sha1:   cd9e95a4c9121e714058ccd4b4bb20abfabc9080
Sha256: d906fb4ec194f825b3a60ba2367400588fee92446204b49fdab907258b0e68c1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 08:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 08:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4875
Cache-Control: max-age=138463
Date: Fri, 09 Dec 2022 08:06:36 GMT
Etag: "63925360-118"
Expires: Sat, 10 Dec 2022 22:34:20 GMT
Last-Modified: Thu, 08 Dec 2022 21:13:04 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1670573195 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:15:37 GMT
etag: "e7d0-5d9e133737f19-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12869
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (59158)
Size:   12869
Md5:    d7913fc87c4606f82b4ee77a8d47fc2f
Sha1:   62a54acf7535ae53425b44dadfe5fdabf3d8300a
Sha256: bb05c88bb0b82e2f14f1efb94b4c3511292f74c3bb7cb0b104d300a42a49492f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/stm-megamenu/assets/css/megamenu.css?ver=2.3.1 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:17:22 GMT
etag: "a149c-5d9e139b90cf5-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 29438
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (545)
Size:   29438
Md5:    45f6eab951ca317ec475b529f46417b4
Sha1:   fce41b7dd131001beb3f1dc96a1793452f624b44
Sha256: a231e34d708b1f7663ec942c27dd9eec1fcdf574b8f9431522d3c360afbf32a2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/css/motorcycle/icons.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "5b3-5d2c3afd90a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 490
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   490
Md5:    cb10860ede4d9ab43f9cdb5aaae451bd
Sha1:   e3910ef96d8ceb6550f9ea6a58c712d004b79acc
Sha256: 33da399f2c6220f71350a51b05a19058cec7ccc070e5b1c18520d0eaec608830
                                        
                                            GET /wp-content/themes/motors/assets/css/service-icons.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "fad-5d2c3afd921f0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 977
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   977
Md5:    641140f1223ff5df29ee18f8c8f70aba
Sha1:   ee0c640727fd652e863fd635d520b173e8b40d13
Sha256: b5bc1943b25ef3c81c37dfb34d070364f53739ca18660bb96809c5a3225541aa
                                        
                                            GET /wp-content/themes/motors/assets/css/boat-icons.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:33 GMT
etag: "12c6-5d2c3afd50329-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1007
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1007
Md5:    ed52b7ca5b3418b28153da35cedf6071
Sha1:   4487d8be68353b68bd5cc1d13f3f06f9cdbcfb27
Sha256: 19c044faacbde16eff6a8dbde2c95c527de4de1d75240f3e32f93de390db7582
                                        
                                            GET /wp-content/themes/motors/assets/css/magazine/magazine-icon-style.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "3e5-5d2c3afd902af-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 421
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   421
Md5:    5c1a960d788c02bad2b16c27e454c54c
Sha1:   173296d3fc4e8de3414a123deb279dfdd64bd034
Sha256: f11d0b6e69aaf946642073a7cca64a84239b56463ea101419eb5cc2249a4bf5d
                                        
                                            GET /wp-content/plugins/motors-vin-decoder//assets/css/icons.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 30 Sep 2022 03:50:26 GMT
etag: "586-5e9dce4f2e538-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 404
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1414), with no line terminators
Size:   404
Md5:    dcadca1139e6522100c6ba8850f572ca
Sha1:   dca0ee9e0f96f5f8d399e2aee39b26ff26a4ee18
Sha256: bb206bb906b05edee537c89d075ec04bc570ff9f7e59270d803b6f4bb80f2534
                                        
                                            GET /wp-content/themes/motors/style.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:35 GMT
etag: "298-5d2c3afeb1417-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 396
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   396
Md5:    5b14aab06cc4ce54392ef426221ba25d
Sha1:   07f40c8f54e83ff19f3d0b03529419cf0f93f1e5
Sha256: 32acde4090f36bd8d830b58765765d2fc848935052bb4154be54fb786447666b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/css/stm-aircrafts-font-style.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "5dd-5d2c3afd98f53-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 500
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   500
Md5:    e3aa2e50e7548a11d09b751859c1becb
Sha1:   576d4d743e87890fcb1d27c9b612095dc38f157f
Sha256: 08390ab2377861fbbeae93767265f829763ce9cbe12a73f93e79ce3eb2ce6c2c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/css/auto-parts/style.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:33 GMT
etag: "6bb-5d2c3afd4ff41-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 544
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   544
Md5:    647499d93bd6ced6839431fee63db188
Sha1:   2090144108643c4f8ad4181e18c7625a9019615d
Sha256: 46cb51a861e4887e2d2017ac5e6eb349bc2b4427948598d26d6e55e6e15dcf58
                                        
                                            GET /wp-content/themes/motors/assets/css/listing_two/icons.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "401-5d2c3afd8fadf-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 427
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   427
Md5:    19bb036adf9fd75599fa621d9cb38848
Sha1:   52111ce03d19317deb4405fe90e46fa556d3acd7
Sha256: 03e075be68024ed59155efdb887c1154ea3685980f4d35da09c6b2f21101a69a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/motors-vin-decoder//assets/css/stm-icon.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 30 Sep 2022 03:50:26 GMT
etag: "11f1-5e9dce4f2f0f0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 922
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4593), with no line terminators
Size:   922
Md5:    db40a8a36efef57420f92ea109fc33a2
Sha1:   5554034fed439657049ea0b3bd7eb43d9aa0fb50
Sha256: c3ff3a300e8016e244ca4e49de4285da191044970ddcf0f93710d014481f5765
                                        
                                            GET /wp-content/themes/motors/assets/css/rental/icons.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "658-5d2c3afd91638-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 516
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   516
Md5:    277e52066662b1b4a68efef4e93727e2
Sha1:   a2f2b791f3510e4b5d44554e004f60d041ceca9c
Sha256: 3659bb3504f8f1972b298b0e35d3a7bb23abad8480b894c730a6081159daf0cf

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/motors-vin-decoder//assets/css/service-icons.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 30 Sep 2022 03:50:26 GMT
etag: "ce6-5e9dce4f2e920-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 691
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3302), with no line terminators
Size:   691
Md5:    ab6f97ea7059c232693a4b570e087b62
Sha1:   dcfe539ea4e28d385ce694223174123f82e14ac0
Sha256: 6d7bc8cdd8c2936c4e49bca0f1f14363bc020331fba7379c0f741f85e014ab6f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 30 Sep 2022 03:49:49 GMT
etag: "14d6-5e9dce2b4f716-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1108
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5334), with no line terminators
Size:   1108
Md5:    0b06d9e311712e0f5c38e06f549d646c
Sha1:   96ffc4906d416ca3c5e0aa21fc2d6ea262b4f8bd
Sha256: e3c5dbba5924a8329f175882cd40dba5f02b082fb631dc6510119a88ce19b112
                                        
                                            GET /wp-content/plugins/motors-vin-decoder/assets/img/vin-check-btn.svg HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Fri, 30 Sep 2022 03:50:26 GMT
etag: "434-5e9dce4f3cf9d"
accept-ranges: bytes
content-length: 1076
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1076), with no line terminators
Size:   1076
Md5:    d0b222e20615087119d27f2619371dd0
Sha1:   dfa0a9fa19d7a53f94e430dc6210bb199b81d441
Sha256: d47df921df4e7d3e59b1b157ab1d80bdda634160a5e1f2f6251418964121b9f1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/wp-auto-affiliate-links/css/style.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 30 Sep 2022 03:49:44 GMT
etag: "c78-5e9dce267100a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 998
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   998
Md5:    863bd6ca1f3e51547c37bbf7f3a621ed
Sha1:   b24c95e413ff38ea4e4bf0abf88db4feebe9f565
Sha256: b895c8a154b420f9612aa9911eb4a1599585fc21e550dfff747226a1f38e59e5
                                        
                                            GET /wp-content/themes/motors/assets/js/classie.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "7b4-5d2c3afdeea89"
accept-ranges: bytes
content-length: 1972
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1972
Md5:    55e1109b3022c56ad23c5ba676055619
Sha1:   a940196e1ddfad80d753dd70484da942a3b2c2b4
Sha256: 9477ec4f89eb231b413a95b7438ababe1800c2cff84bb08283dedadf565731f1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/css/select2.min.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "3a76-5d2c3afd91e08-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1998
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14965)
Size:   1998
Md5:    8e684dd388239a6bcac3bc41e52c4e17
Sha1:   2691065d51586e3fdcfce1ea8e51787a05061989
Sha256: f5e41c52b1303b9ad13beb859f02abc7397d27e3b6504c5bd82a2b68dfa6ece4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/css/jquery-ui.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "1ad9-5d2c3afd7d9c9-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1833
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1165)
Size:   1833
Md5:    9c409d2d0082c4c92f139b79b9b56496
Sha1:   71af88ff8fb89bbde6780e3654e9ac5efcf6cd72
Sha256: 3abed05aa50906e4ba6d49983bd2c324bd57c9a0a4e74b52f95ceb965d27f27f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /maps/documentation/javascript/examples/markerclusterer/markerclusterer.js?ver=5.1.2 HTTP/1.1 
Host: developers.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 16 Jan 2017 03:43:59 GMT
set-cookie: _ga_devsite=GA1.3.644296295.1670573196; Expires=Sun, 08 Dec 2024 08:06:36 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-lNGOa+7VBL3w5dc6iE/JrlbDMnUV1k' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: 2a0cf2cfccc383535466482de21afbca
vary: Accept-Encoding
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Google Frontend
content-length: 8937
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   8937
Md5:    d4d0d62b0dbeb552ffdc6b5fbf6a9eb6
Sha1:   fb5420f1cf3b0ae584c2cef9085612f8bfc07f96
Sha256: c85309a9d7531887469fd0d31e80dab72a242787eddbf303ff1e911900455474
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 08:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 10 Mar 2022 18:19:20 GMT
etag: "385-5d9e140bc8be3"
accept-ranges: bytes
content-length: 901
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (715)
Size:   901
Md5:    e0b6ee7035469fab34982887e7ef21f7
Sha1:   8f38f75ae3db197142744524b6fcb8dc11efd577
Sha256: f7f639c14daca92fe9f66f08d4ef076d2413eb99dbc35129158de1814d1d7c91
                                        
                                            GET /wp-content/themes/motors/assets/js/jquery.cookie.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "c9f-5d2c3afdf1582"
accept-ranges: bytes
content-length: 3231
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3231
Md5:    274f1795c34d6b35e0e79eb1633abe23
Sha1:   a9e973e7d4830462c90a44f4766ab4e1f5177fe5
Sha256: 582e7032302e4a28726d52ff3ff8db3bb0d1b3a7c1e83e38890ee62bc0a174ed

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/jquery.touch.punch.min.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "50b-5d2c3afdf38ab"
accept-ranges: bytes
content-length: 1291
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (1090)
Size:   1291
Md5:    700b877cd3ade98ce6cd4be349d81a5c
Sha1:   c1c36e6927436231eb20474356b29667c4c648aa
Sha256: 000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/motors-vin-decoder//assets/css/vin-decoder.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 30 Sep 2022 03:50:26 GMT
etag: "5b46-5e9dce4f2fca8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 4490
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (23366), with no line terminators
Size:   4490
Md5:    409ed4df68521a808313b7ce8d2875d3
Sha1:   2bfeb5236e3db8e1ed77213d8dad9e97b6f7bb17
Sha256: ec27d1caa25b46911cbe9f09fc12684cb3dc2c07c36972f6f9b9304145e9fd62
                                        
                                            GET /wp-content/themes/motors/assets/css/jquery.stmdatetimepicker.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "4981-5d2c3afd7ddb1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 4618
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1961)
Size:   4618
Md5:    2dbe5d4f94fdcf3df53ec6071a433b32
Sha1:   b71af6bb415f16b2624d97e8914137399c8ec596
Sha256: 0850bfcae403b88d409a60d16d73c6e1f7ef1c8274c5b090ab290b2aa7923546

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.7.0 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:16:31 GMT
etag: "865f-5d9e136b05866-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 4260
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (34217)
Size:   4260
Md5:    ff23202f1227d35b13635501c86b2156
Sha1:   31c5de356f90da7a53468ef8ed0a9237cdaa67ce
Sha256: c4b5a8cbcaef7b3a6d4d2f1a3d68cfac3a2ccb7fbfcd7ae212bf2c39fc85ed42

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/app-user-sidebar.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "382-5d2c3afdec760"
accept-ranges: bytes
content-length: 898
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   898
Md5:    233c154fec1bd47cb2d7c5c9c5f70941
Sha1:   40260ff178c49cf3ecffe7b8484d07e52308cead
Sha256: f0fcb6a32306c5ff4a50df8e19e176be412c7ec0b9306c8083347a52c98ca1bd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90028
Date: Fri, 09 Dec 2022 08:06:36 GMT
Etag: "639199a3-1d7"
Expires: Sat, 10 Dec 2022 09:07:04 GMT
Last-Modified: Thu, 08 Dec 2022 08:00:35 GMT
Server: ECS (dcb/7EA6)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mdvMMyKW3msnth5qvQnfTOjM4J2iaUT891KmDYGYLCyp2vobmnHw1w==
Age: 3989

                                        
                                            GET /wp-content/themes/motors/assets/css/animation.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:33 GMT
etag: "14f25-5d2c3afd4f388-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6679
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   6679
Md5:    c539b9aac3a65cca3f449ef37e548ccb
Sha1:   b87a9e1f75f50a6d22ee1d783d3689d674204f0b
Sha256: 7e9d9f8aacc325dc3d2abfa0252b9049cd3399c7f81cbf32f776c4644d0ec698

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 17 Dec 2020 15:23:57 GMT
etag: "2bd8-5b6aa9497f7ec"
accept-ranges: bytes
content-length: 11224
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   11224
Md5:    79b4956b7ec478ec10244b5e2d33ac7d
Sha1:   a46025b9d05e3df30d610a8aef14f392c7058dc9
Sha256: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/css/dist/headers/header-car_dealer.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "271fc-5d2c3afd691a1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 10852
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   10852
Md5:    d23d8ee10642ccb21ae0153d554fda59
Sha1:   6de0a2d9861421f92ed4f77633c47ebbb9736022
Sha256: c70f9c79a5d06d76a364ba8fa18218ef77aa585888ca2a418d61753edfec6e30

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/vivus.min.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "2eb3-5d2c3afe1d89a"
accept-ranges: bytes
content-length: 11955
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11790)
Size:   11955
Md5:    edca8ffeb6cac2f6d5f9186043d569b6
Sha1:   ff20f18369ad92eedfee40a0cd461510eef41756
Sha256: 6cbced0782f23b4da0f1c24988d05a1395af3f6399a50cdd79114f1aac5b2b0c
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.7.0 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:16:31 GMT
etag: "dc69-5d9e136b05096-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12251
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (56243)
Size:   12251
Md5:    56ff26e4540fe0eb470200be12da9539
Sha1:   e55c1cf13307417eb0721280047dfe0a7e870752
Sha256: 41bd8b382a880ae6ec59d84506d7b5ba03c23eb9dd5b4044eb8f50e182fb39f4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:16:10 GMT
etag: "e197-5d9e13570059b-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12303
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (12602)
Size:   12303
Md5:    ec14123fd07ef488fc1aff60a6f99c13
Sha1:   55e9b5c3cad505a780d948349d9009867368cf6a
Sha256: 46e3efd2835c5f189acbe5c392d41ce6b86f2cfe3f064cdd6780032777f5706a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/jquery.cascadingdropdown.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "3af3-5d2c3afdf119a"
accept-ranges: bytes
content-length: 15091
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   15091
Md5:    d46dc465806c94eb45c31ef252cc4d3e
Sha1:   6af119bb9785f07c0bdb0a6be7ade13cc045135c
Sha256: 17fb1aea21344fabd758897bdf5b704ee83e417efd5411c836cfef6ec2dfc41a
                                        
                                            GET /wp-content/themes/motors/assets/css/bootstrap.min.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "1ca38-5d2c3afd55d03-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 19250
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65371)
Size:   19250
Md5:    a69801e0e683a8efdc50685e08da6a5c
Sha1:   6f9e7217c522f9e426b01836de5ca4b489da9cc8
Sha256: af869524400958bf10cefcd1a2790715f9f569117fabe6c69e24e5ca65e45321
                                        
                                            GET /rt?aid=18662&e=1&img=1 HTTP/1.1 
Host: rdcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         52.22.161.40
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Fri, 09 Dec 2022 08:06:36 GMT
content-length: 121
cache-control: private
location: /eow
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
set-cookie: aid=18662; expires=Fri, 01-Jan-2038 06:00:00 GMT; path=/;SameSite=None; secure ref=https://www.cardealsnearyou.com/; expires=Fri, 01-Jan-2038 06:00:00 GMT; path=/;SameSite=None; secure img=http://rdcdn.com/rt?aid=18662&e=1&img=1; expires=Fri, 01-Jan-2038 06:00:00 GMT; path=/;SameSite=None; secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   121
Md5:    3566835ab38329ddb105f8649131cabb
Sha1:   72eb59670ff0ea8cc99983629acc33aebd65a6e0
Sha256: 66b563593020781cd23517f1e111f600993a0b893f79970b32e9f95147db269c
                                        
                                            GET /wp-content/plugins/stm-megamenu/assets/js/megamenu.js?ver=2.3.1 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 10 Mar 2022 18:17:22 GMT
etag: "ddc-5d9e139b93406"
accept-ranges: bytes
content-length: 3548
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3548
Md5:    1d26ded5f43ab4a713a025725d980d93
Sha1:   f6372bb22d53b2986160a3ff764f6ef2e615130c
Sha256: 69e9d8eeb0cc13a23f786c0dafd6909001e394d69d397083473ccd6ee2f0b234
                                        
                                            GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/jquery.cookie.js HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 10 Mar 2022 18:14:48 GMT
etag: "c44-5d9e13084daf8"
accept-ranges: bytes
content-length: 3140
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3140
Md5:    0f1f6cd6e0036897019b376d38593403
Sha1:   498b29de6e170fffc8535183b7d6550490f0a159
Sha256: 8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 30 May 2022 03:23:25 GMT
etag: "d53-5e0322dd55ac3"
accept-ranges: bytes
content-length: 3411
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3233)
Size:   3411
Md5:    5c38aa6d5b98586ca2ba973ab8b4b6b1
Sha1:   8215983363ea0d74f99368336404b0d27217778f
Sha256: 7c4dcab706e6bf67c64df89d3f5e137cb19efa293771613f511aff1ad563a6df

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/filter.js HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 10 Mar 2022 18:14:48 GMT
etag: "f0f-5d9e13084cf3f"
accept-ranges: bytes
content-length: 3855
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3855
Md5:    4b48425e53ee05842fa3dba2952cca8c
Sha1:   d69bbb7e79c27e0b6c1dd13881c1dbc7c40ba7a3
Sha256: 2ed882d62d05459ec26f592856c0b845c01576d77982041311bca039901102a4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.7.0 HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 10 Mar 2022 18:16:31 GMT
etag: "76878-5d9e136a58a8c-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 45810
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65358)
Size:   45810
Md5:    bfddc4ff4e82f2dd9a33b2b0bf3bb878
Sha1:   5cb05aacf9e97c6c58e02fabd69fcae22118c200
Sha256: be6316c3e4d24d0b139c1afabe5be1fd0e84e62a0e72d9f507eb32407897d4b2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 17 Sep 2021 17:31:52 GMT
etag: "15db1-5cc344e9c4b4e"
accept-ranges: bytes
content-length: 89521
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   89521
Md5:    02dd5d04add4759122013c5ab4dc5cc2
Sha1:   a45a56e396ac549b4ff39b696ce9e0c16a7612de
Sha256: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
                                        
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 10 Mar 2022 18:16:09 GMT
etag: "44-5d9e135542066"
accept-ranges: bytes
content-length: 68
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size:   68
Md5:    2a637d3d825673c0e3462fa4ed9a1c5c
Sha1:   81668d396da22832d75a986407ff10035e0d5899
Sha256: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
                                        
GET /wp-content/themes/motors/assets/js/stm-google-places.js?ver=5.1.2 HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "12c6-5d2c3afe18a78"
accept-ranges: bytes
content-length: 4806
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Algol 68 source text\012- Pascal source, ASCII text
Size:   4806
Md5:    f130c0956c2e19ed130561577a694499
Sha1:   1ef8515331c4861d7c8ccbcc79382802dc003c83
Sha256: 930cfdcae2f9f6e399d2cf40fe97c1ce86f97cf7f6c6994573d61f4b39ce3565

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/uploads/2022/12/0-APR-Guide-What-You-Need-To-Know-Before-Financing-350x181.jpg HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 07 Dec 2022 17:20:21 GMT
etag: "1d4e-5ef40229a4649"
accept-ranges: bytes
content-length: 7502
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 350x181, components 3\012- data
Size:   7502
Md5:    a67452cd96a0b162ac0c5d08b7b9e604
Sha1:   8432b34cab30d2e75e33b5ce0e2bd87a0e8d8d9c
Sha256: 2d13907be02b711dba70eca9cf60821584e7a571b6228c8f258b6a578af19948
                                        
GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: application/font-woff
last-modified: Thu, 10 Mar 2022 18:16:11 GMT
etag: "1d70-5d9e1357174d3"
accept-ranges: bytes
content-length: 7536
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Size:   7536
Md5:    04eb8fc57f27498e5ae37523e3bfb2c7
Sha1:   d942ae11706c3f7e511e3c49b0e4574d7ad199c4
Sha256: f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
                                        
GET /wp-content/uploads/2021/12/cu-1-350x205.jpg HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 05 Jan 2022 15:16:25 GMT
etag: "2462-5d4d73cb8db7e"
accept-ranges: bytes
content-length: 9314
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x205, components 3\012- data
Size:   9314
Md5:    69608054e1e55088716a9f5c97b25aa9
Sha1:   01355c2d0f11001e993866564c39313be6201df7
Sha256: 27263256df09c1beea5c70b6f8c35a3935c60a98cfa4db4685c4c4357a9c85ec
                                        
GET /wp-content/uploads/2017/09/2018-toyota-camry-350x205.jpg HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 17 Nov 2021 23:18:02 GMT
etag: "24c7-5d10440e0d7b5"
accept-ranges: bytes
content-length: 9415
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x205, components 3\012- data
Size:   9415
Md5:    819068307a587d984f28e60907bdfd1c
Sha1:   6e46fea8bc6c0b264e0100c94820443f729aeac3
Sha256: a52a9b7ae1715e83974c953535f27607c6cf7b36cb5825ccdf34b0af847326ae
                                        
GET /wp-content/uploads/2022/01/img-1-960x-350x205.jpg HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Thu, 06 Jan 2022 15:24:16 GMT
etag: "2c46-5d4eb76a0b233"
accept-ranges: bytes
content-length: 11334
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x205, components 3\012- data
Size:   11334
Md5:    66cc6b8b127fc5d9149fd34ec77c20ed
Sha1:   e1dad3dceaac31074655d2e7120e0c7741ea354d
Sha256: 1ce5e67c9fb60b2215f6ef8151ddc43e3ffe1587aec9e53e4e2de3d8b65780ce
                                        
GET /wp-content/uploads/2015/12/6-350x205.jpg HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 17 Sep 2021 18:57:33 GMT
etag: "2f88-5cc3581046509"
accept-ranges: bytes
content-length: 12168
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x205, components 3\012- data
Size:   12168
Md5:    6687e81017d51a5ae62ac9d4a8e272d2
Sha1:   fd38828d026ea40e7e0f40835767af9d7a292593
Sha256: ac63a05279b1d4d0ed62cd73480673108d526a72ff593d0f3ac6a00d072be9d0
                                        
GET /wp-content/themes/motors/assets/js/lazyload.js?ver=5.1.2 HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "162f-5d2c3afdf407b"
accept-ranges: bytes
content-length: 5679
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   5679
Md5:    2e546bbdcb575cc8ccfd49e09f8a0d1e
Sha1:   de02ee8c061a9e7b019af42d6894e9a6161c044b
Sha256: 56a580939c1b8c0a26c5fab297b2efc96e7dfe1e66b22b70adc9ef440b4d2b03

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /eow HTTP/1.1
Host: rdcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cardealsnearyou.com/
Connection: keep-alive
Cookie: aid=18662; ref=https://www.cardealsnearyou.com/; img=http://rdcdn.com/rt?aid=18662&e=1&img=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

52.22.161.40
HTTP/2 302 Found
content-type: text/html; charset=utf-8
date: Fri, 09 Dec 2022 08:06:36 GMT
content-length: 151
location: https://rdcdn.com/images/blank.gif
cache-control: private
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   151
Md5:    82133787c1fcce4fd893463e0b0b3ecb
Sha1:   f4af96850470b845614985cb3a56d9e16ad14e9c
Sha256: ba90dc61e3a7b2caff87da8bf66ff677120d58b1f76e79f40dcfaac4cf58a555
                                        
GET /wp-content/uploads/2021/09/logo.png HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 17 Sep 2021 18:13:07 GMT
etag: "7df1-5cc34e21889ef"
accept-ranges: bytes
content-length: 32241
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1738 x 286, 8-bit/color RGBA, non-interlaced\012- data
Size:   32241
Md5:    4deff5845cbb90754c8ffabf3dfd81cd
Sha1:   1f618ced7ef5cf2a02af294275249388f6c2a835
Sha256: 5ab4cc19429e66d11688ffb55af4f733c289799eaaae054b14893ccfd13fa341
                                        
GET /wp-content/themes/motors/assets/js/jquery.countdown.min.js?ver=5.1.2 HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "14db-5d2c3afdf196a"
accept-ranges: bytes
content-length: 5339
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4136)
Size:   5339
Md5:    5d3ff3c3fbaa67cc639501f44eeb07be
Sha1:   bd66e4cd58de09c198e7abc77fa4c883955d189e
Sha256: 2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp-content/uploads/2015/12/cndy1_300x250_FINANCING.png HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 17 May 2022 12:54:28 GMT
etag: "10337-5df34a41da471"
accept-ranges: bytes
content-length: 66359
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size:   66359
Md5:    0b841c6ad2aa84d74ed2b064ba608e44
Sha1:   8cbaf0736f2be0204f37d861fad78c6ac337b763
Sha256: f1c83dd7711344434da0d72a536bbf998fb6033a93efe7a8c405aa31f4e28e76
                                        
GET /wp-content/plugins/form-autocomplete-nish-premium/js/app.js?ver=2.0.1 HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 19 Apr 2022 14:32:02 GMT
etag: "1c56-5dd02bd7ece60"
accept-ranges: bytes
content-length: 7254
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   7254
Md5:    7c898d32907792a4ca6d509d0c2b52af
Sha1:   b54cb8a2682a24d180f0528ef06d998f88fc3a59
Sha256: 05322da8b0c192999052935f12b463d6e5a84b224f6fae2937abeb2b27b6bebe
                                        
GET /wp-includes/js/jquery/ui/droppable.min.js?ver=1.13.1 HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 30 May 2022 03:23:25 GMT
etag: "19fb-5e0322dd52fca"
accept-ranges: bytes
content-length: 6651
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6469)
Size:   6651
Md5:    986cbf4f93616febf4243f6e3e76e3e9
Sha1:   7de9dd72732ca8fe46c0242749d4a705345fe0b7
Sha256: c3a015f250093ba41c36da57625051930eada74b0bb8d61b7e0c6fef36952317
                                        
GET /wp-content/themes/motors/assets/js/jquery.uniform.min.js?ver=5.1.2 HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "216b-5d2c3afdf3c93"
accept-ranges: bytes
content-length: 8555
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8555), with no line terminators
Size:   8555
Md5:    602e6f2ddacb95ef0f3061fd2a671f87
Sha1:   91cbe28c3c5cf6187680f4529f0c40e4cf6098ff
Sha256: 8db04d82f75d8073b25dc594a13c2dafdfb762f8d66ed1dd32f95c3420868a6a
                                        
GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.1 HTTP/1.1
Host: www.cardealsnearyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 30 Sep 2022 03:49:49 GMT
etag: "222e-5e9dce2b5f503"
accept-ranges: bytes
content-length: 8750
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (8750), with no line terminators
Size:   8750
Md5:    5f7dca83f1cac6295b0d4c72e325ac20
Sha1:   e0aacf1cfd0d8ed4bc37c8ef2be23d46513b71ed
Sha256: af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/app-header-scroll.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "269f-5d2c3afdeb3d8"
accept-ranges: bytes
content-length: 9887
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   9887
Md5:    3e79399963f950548b8528e8f2ce8354
Sha1:   48f2c8bf5bf3ab66c930bbf4aaebc4d44b549e40
Sha256: 7ccc91bc49d744f8f5131ab1a1080c4fb4afad71648f71901344f76e013faae7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /scripts/v1/pushnami-adv/6307cede82599900146a1edc HTTP/1.1 
Host: api.pushnami.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         54.230.111.33
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 09 Dec 2022 08:02:33 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K_Yc4RDTIfXh5KJHt8w-W6vHmMmX30GbGZc5Xt2V9dfur2EMLUvnWQ==
age: 243
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   27490
Md5:    b7cdd26771ed89de2044c9f414948e4a
Sha1:   ed81dd99f46df2bb40b8b391c1667692269186c1
Sha256: a68e5bb1e5b2db06b7661b3c368029f51116a61f3202ff8f1bce70c8daac62df
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 25 Oct 2022 16:45:04 GMT
etag: "26d1-5ebdea14ce207"
accept-ranges: bytes
content-length: 9937
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9937), with no line terminators
Size:   9937
Md5:    dc74c9954b1944928eca0172c3b8c6b3
Sha1:   e9e00e587e0e28491b69563b4e768945ff2e0ed5
Sha256: d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/init.js HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 10 Mar 2022 18:14:48 GMT
etag: "2afc-5d9e13084d710"
accept-ranges: bytes
content-length: 11004
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   11004
Md5:    ef27876965ca7a901f5d659cfef2508e
Sha1:   00ef39e8450b72bdac334c9d6d360f97dbc54c5c
Sha256: b52fb9c7daf25d03006566b0ed7941011b21a1b42041cabce73c681e8163e4dd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 30 May 2022 03:23:25 GMT
etag: "29ff-5e0322dd57234"
accept-ranges: bytes
content-length: 10751
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10572)
Size:   10751
Md5:    0ee357a183287d64fcf277f66d532e6d
Sha1:   b45721bde387037ac73347020edb890ac4a77814
Sha256: 7ce6eb9cd7f07b424c34ee977214503668ae5e137d07b3fe0a37373e57686ebf
                                        
                                            GET /wp-content/themes/motors/assets/js/sell-a-car.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "28a7-5d2c3afe182a8"
accept-ranges: bytes
content-length: 10407
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   10407
Md5:    940cfb0a414f7d25580db8ae1d593cce
Sha1:   9fc3d2e8fe80298b7698e91d50eb9a8353845e5e
Sha256: 3a1828577697300c7856c303a82e07c62a4ce6886f8783e0494b6f11638a9772

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 25 Oct 2022 16:45:04 GMT
etag: "3016-5ebdea14c45c3"
accept-ranges: bytes
content-length: 12310
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (12310), with no line terminators
Size:   12310
Md5:    1f9968a7c7a2a02491393fb9d4103dae
Sha1:   0032c8a6a692e6f072b2cef20828449402fdd57d
Sha256: f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 08:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/motors/assets/js/filter.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "30bf-5d2c3afdef641"
accept-ranges: bytes
content-length: 12479
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   12479
Md5:    66c22cb02b7d85cf5b8dad3bbddfa373
Sha1:   cf41bdb5596cda0a6492be756a1256a76a0269ab
Sha256: 92aad1c4ed170ca3235640b5acdebbd3a5433bf4b4441f4e24b88e19bc183bbc
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.7.0 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 10 Mar 2022 18:16:32 GMT
etag: "3222-5d9e136b26f99"
accept-ranges: bytes
content-length: 12834
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12478)
Size:   12834
Md5:    0bf128a0c049a8e5386d7c709e8f2d5d
Sha1:   dca62041e11fcbb5aeb958612916f3453efbcf5c
Sha256: 2d42b8a78389235460930cf4f496b8411d46a3344229e4309480803bb39d1575

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/lg-video.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "351d-5d2c3afdf4463"
accept-ranges: bytes
content-length: 13597
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   13597
Md5:    5f7d592389a8dbbf34620dd38d2d2c57
Sha1:   46405fe79ab85a930797c814d6cd8879a7553041
Sha256: 53aad6aea6b1938f9b296a38293fb4b862a066e0102020b6772e5a8c72060044

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /tag/implement-r.js?org=9Xf4JS6qIDnMDOaZ0z86&fmt=banner&rt=click&sl=1&fq=1&p=709&a=true&cmp=cdny HTTP/1.1 
Host: c.fqtag.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         35.190.72.161
HTTP/2 200 OK
content-type: application/javascript
                                        
expires: 0
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 0
pragma: no-cache
date: Fri, 09 Dec 2022 08:06:36 GMT
access-control-allow-origin: *
content-length: 2656
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2656), with no line terminators
Size:   2656
Md5:    876d37cce279d848373b5157383a64a7
Sha1:   0e44a6343bc4ed47029b03f2550db6cdade10a13
Sha256: bb757a0878800ce3b268bbb5f8b07b83622ebe25c45f9974cf4070eb37aa6af9
                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cardealsnearyou.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 06:30:11 GMT
expires: Sat, 09 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 5785
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
                                            GET /wp-content/themes/motors/assets/js/smoothScroll.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "5b47-5d2c3afe18690"
accept-ranges: bytes
content-length: 23367
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   23367
Md5:    28caad470346a31bde5404ea7c6be837
Sha1:   927590e21de028a332a5fa2f036c6d063860ed3c
Sha256: 11a137a3aa4740aa67ff3f25ec5034c22c5d4532b7112e3f116170039371016b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 08:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 08:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/motors/assets/js/load-image.all.min.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8539&utm_content&utm_term
Cookie: stm_visitor_1=57063455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "6623-5d2c3afdf5404"
accept-ranges: bytes
content-length: 26147
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 08:06:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---