Overview

URLwww.newsandpromotions.com/tracking/8760
IP 34.117.221.220 (United States)
ASN#15169 GOOGLE
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-08 22:46:58 UTC
StatusLoading report..
IDS alerts0
Blocklist alert57
urlquery alerts No alerts detected
Tags None

Domain Summary (55)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-08 17:21:04 UTC 34.160.144.191
rdcdn.com (3) 64936 2015-03-10 15:50:25 UTC 2022-12-07 22:51:39 UTC 52.7.240.180
vars.hotjar.com (1) 1014 2020-11-05 10:13:14 UTC 2022-12-08 17:12:53 UTC 143.204.55.20
api.pushnami.com (4) 3782 2017-05-12 22:45:10 UTC 2022-12-08 17:27:34 UTC 54.230.111.33
a.remarketstats.com (1) 38181 2017-01-10 13:24:29 UTC 2017-11-03 17:28:17 UTC 104.26.3.122
r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-12-08 17:12:06 UTC 23.36.77.32
sb.scorecardresearch.com (2) 134 2021-05-05 22:31:54 UTC 2022-12-08 17:38:15 UTC 143.204.55.94
trc-events.taboola.com (2) 1779 2020-06-09 13:52:57 UTC 2022-12-08 17:20:01 UTC 141.226.228.48
dnacdn.net (2) 3760 2019-09-02 15:07:45 UTC 2022-12-08 17:18:04 UTC 178.250.2.146
ag.gbc.criteo.com (1) 5925 2018-12-17 13:17:41 UTC 2022-12-08 14:20:47 UTC 178.250.6.58
gem.gbc.criteo.com (1) 6039 2019-01-31 10:05:09 UTC 2022-12-08 15:47:40 UTC 178.250.6.215
rtxpx-a.akamaihd.net (1) 87970 2019-09-06 20:03:22 UTC 2022-12-08 09:17:03 UTC 23.36.76.114
pixel.tapad.com (2) 400 2012-10-01 07:23:01 UTC 2022-12-08 17:13:50 UTC 35.227.248.159
cdn.taboola.com (3) 1040 2013-07-19 23:48:03 UTC 2022-12-08 17:12:48 UTC 151.101.129.44
www.google.no (1) 25607 2012-06-26 23:22:08 UTC 2022-12-08 17:14:59 UTC 142.250.74.67
stickyid-a.akamaihd.net (2) 94008 2019-06-02 10:14:21 UTC 2022-12-08 09:17:04 UTC 23.36.76.176
trc.pushnami.com (1) 3888 2018-10-23 06:56:12 UTC 2022-12-08 20:15:46 UTC 34.227.235.208
ocsp.sca1b.amazontrust.com (4) 1015 2016-02-14 02:37:56 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
a.clickcertain.com (10) 3511 No data No data 172.67.74.207
stats.g.doubleclick.net (1) 96 2012-07-01 17:13:23 UTC 2022-12-08 17:14:59 UTC 108.177.14.157
www.cardealsnearyou.com (116) 300285 2022-06-02 19:08:18 UTC 2022-12-08 08:37:41 UTC 8.38.122.197
script.hotjar.com (1) 887 2020-11-05 10:02:45 UTC 2022-12-08 17:12:53 UTC 143.204.55.46
vc.hotjar.io (1) 2334 2019-04-16 10:33:25 UTC 2022-12-08 17:15:42 UTC 54.230.111.70
api.pushnami.com (4) 3782 2017-05-12 22:45:10 UTC 2022-12-08 17:27:34 UTC 54.230.111.53
img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-12-08 15:50:00 UTC 34.120.237.76
developers.google.com (1) 12980 2012-06-04 12:32:46 UTC 2022-12-08 17:38:50 UTC 142.250.74.174
www.googletagmanager.com (1) 75 2012-10-04 01:07:32 UTC 2022-12-08 17:14:43 UTC 142.250.74.168
ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2022-12-08 17:15:52 UTC 93.184.220.29
a.usbrowserspeed.com (1) 0 No data No data 44.229.119.75 Unknown ranking
psp.pushnami.com (1) 16030 2018-07-03 13:16:20 UTC 2022-12-08 09:50:45 UTC 3.216.213.114
secure.adnxs.com (1) 396 2012-05-22 16:37:37 UTC 2022-12-08 17:12:02 UTC 37.252.171.21
i.liadm.com (2) 511 2016-05-04 14:21:08 UTC 2022-12-08 17:16:42 UTC 44.209.26.9
cm.g.doubleclick.net (2) 202 2012-05-22 09:58:28 UTC 2022-12-08 17:29:34 UTC 142.250.74.130
x.bidswitch.net (1) 286 2012-10-03 23:30:53 UTC 2022-12-08 17:12:21 UTC 35.158.31.44
gum.criteo.com (2) 381 2015-01-22 10:58:57 UTC 2022-12-08 17:15:40 UTC 178.250.0.157
www.newsandpromotions.com (1) 66587 2014-04-04 17:52:37 UTC 2022-12-08 08:36:37 UTC 34.117.221.220
ocsp.r2m01.amazontrust.com (1) 0 2022-10-12 20:43:53 UTC 2022-12-08 17:23:26 UTC 54.230.80.227 Domain (amazontrust.com) ranked at: 581
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-08 17:20:00 UTC 54.202.70.174
ocsp.pki.goog (18) 175 2017-06-14 07:23:31 UTC 2022-12-08 17:12:01 UTC 142.250.74.131
googleads.g.doubleclick.net (1) 42 2012-05-21 07:15:40 UTC 2022-12-08 17:20:04 UTC 142.250.74.98
static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2022-12-08 17:12:15 UTC 143.204.55.84
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-08 17:14:01 UTC 34.117.237.239
maps.googleapis.com (2) 33876 2012-05-22 14:23:23 UTC 2022-12-08 17:13:30 UTC 142.250.74.106
trc.taboola.com (1) 602 2012-12-27 11:54:42 UTC 2022-12-08 17:14:59 UTC 151.101.129.44
ws44.hotjar.com (1) 0 No data No data 54.75.47.87 Domain (hotjar.com) ranked at: 666
track.ecampaignstats.com (1) 66269 2014-04-05 13:42:34 UTC 2022-12-08 08:36:38 UTC 209.148.95.13
fonts.googleapis.com (2) 8877 2012-05-23 12:41:44 UTC 2022-12-08 17:12:12 UTC 142.250.74.106
fonts.gstatic.com (4) 0 2014-04-02 10:51:04 UTC 2022-12-08 17:14:55 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2022-12-08 17:12:32 UTC 35.241.9.150
www.google-analytics.com (1) 40 2012-05-21 09:41:50 UTC 2022-12-08 17:20:06 UTC 142.250.74.110
in.hotjar.com (1) 1746 2018-07-03 09:33:18 UTC 2022-12-08 17:15:43 UTC 52.49.107.217
cdn.fqtag.com (1) 18775 2018-05-30 14:51:44 UTC 2022-12-08 08:30:55 UTC 35.190.36.172
rtclx.com (1) 17838 2017-12-28 23:12:31 UTC 2022-12-08 09:17:17 UTC 52.204.72.177
www.google.com (1) 7 2012-11-08 00:08:21 UTC 2022-12-08 17:22:52 UTC 216.58.211.4
c.fqtag.com (1) 34931 2014-11-23 11:03:12 UTC 2022-12-08 06:20:24 UTC 35.190.72.161

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-08 2 www.cardealsnearyou.com/wp-includes/css/dist/block-library/style.min.css?ve (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/contact-form-7/includes/css/styl (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/stm_vehicles_listing/assets/css/ (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/stm-motors-extends/nuxy/metaboxe (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/stm-megamenu/assets/css/megamenu (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/classie.js?ver=5.1.2 Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/jquery.cookie.js (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/rental/icons.cs (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/listing_two/ico (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/stm-aircrafts-f (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/motors-vin-decoder/assets/img/vi (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/style.css?ver=5.1.2 Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/motors-vin-decoder//assets/css/s (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/jquery-ui.css?v (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/select2.min.css (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/jquery.stmdatet (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/js_composer/assets/lib/bower/fon (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/jquery.touch.pun (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/animation.css?v (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/app-user-sidebar (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/js_composer/assets/lib/bower/fon (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/revslider/public/assets/css/rs6. (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/dist/headers/he (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/stm_vehicles_listing/assets/js/f (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/stm_vehicles_listing/assets/js/f (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/stm-google-place (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/lazyload.js?ver=5.1.2 Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/jquery.countdown (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/js_composer/assets/css/js_compos (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/cookie-notice/js/front.min.js?ve (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/contact-form-7/includes/swv/js/i (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/app-header-scrol (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/stm_vehicles_listing/assets/js/f (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/sell-a-car.js?ve (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/contact-form-7/includes/js/index (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/js_composer/assets/lib/bower/skr (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/lg-video.js?ver=5.1.2 Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/js_composer/assets/js/dist/js_co (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/bootstrap.min.js (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/dynamic-content-for-elementor/as (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/select2.full.min (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/app-ajax.js?ver=5.1.2 Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/stm_vehicles_listing/assets/js/f (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/typeahead.jquery (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/css/dist/app.css?ve (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/themes/motors/assets/js/stm_dt_picker.js (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/uploads/2022/02/01.jpeg?id=6230 Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/uploads/2021/03/02.jpg?id=1747 Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/stm-motors-extends/nuxy/metaboxe (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/service-worker.js Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/js_composer/assets/lib/bower/fon (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/revslider/public/assets/js/rbtoo (...) Phishing
2022-12-08 2 www.cardealsnearyou.com/service-worker.js Phishing
2022-12-08 2 www.cardealsnearyou.com/wp-content/plugins/js_composer/assets/lib/bower/fon (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.117.221.220
Date UQ / IDS / BL URL IP
2022-12-18 09:31:40 +0000 0 - 0 - 53 www.newsandpromotions.com/tracking/8305 34.117.221.220
2022-12-18 09:08:02 +0000 0 - 0 - 55 www.newsandpromotions.com/tracking/8318 34.117.221.220
2022-12-17 10:34:29 +0000 0 - 0 - 56 www.newsandpromotions.com/tracking/8344 34.117.221.220
2022-12-16 08:30:42 +0000 0 - 0 - 58 www.newsandpromotions.com/tracking/8617 34.117.221.220
2022-12-15 07:54:18 +0000 0 - 0 - 60 www.newsandpromotions.com/tracking/8539 34.117.221.220


Last 5 reports on ASN: GOOGLE
Date UQ / IDS / BL URL IP
2023-01-30 01:52:32 +0000 0 - 0 - 0 webcache.googleusercontent.com/search?q=cache (...) 142.250.74.97
2023-01-30 01:49:48 +0000 0 - 0 - 4 northamerica-northeast1-carbon-mediator-37181 (...) 216.239.36.54
2023-01-30 01:37:22 +0000 0 - 0 - 3 ringrentsanthtar1974.blogspot.com.cy/ 142.250.74.97
2023-01-30 01:36:56 +0000 0 - 0 - 3 marilynmonroedaniellecohn.blogspot.kr/ 142.250.74.97
2023-01-30 01:35:28 +0000 0 - 0 - 4 musclerobloxtshirt.blogspot.com.br/ 142.250.74.97


Last 5 reports on domain: newsandpromotions.com
Date UQ / IDS / BL URL IP
2023-01-29 20:30:13 +0000 0 - 20 - 56 www.newsandpromotions.com/tracking/8357 35.227.209.77
2023-01-29 20:27:29 +0000 0 - 24 - 57 www.newsandpromotions.com/tracking/8383 35.227.209.77
2023-01-26 20:55:39 +0000 0 - 24 - 55 www.newsandpromotions.com/tracking/8383 35.227.209.77
2023-01-26 10:03:35 +0000 0 - 24 - 56 www.newsandpromotions.com/tracking/8513 35.227.209.77
2023-01-25 07:53:10 +0000 0 - 0 - 58 www.newsandpromotions.com/tracking/8461 35.227.209.77


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-18 20:01:59 +0000 0 - 0 - 56 www.newsandpromotions.com/tracking/8539 35.227.209.77
2022-12-29 08:35:06 +0000 0 - 24 - 58 www.newsandpromotions.com/tracking/8565 35.227.209.77
2022-12-28 08:27:42 +0000 0 - 24 - 58 www.newsandpromotions.com/tracking/8396 35.227.209.77
2022-12-27 07:42:17 +0000 0 - 24 - 56 www.newsandpromotions.com/tracking/8812 35.227.209.77
2022-12-22 19:28:12 +0000 0 - 24 - 0 www.newsandpromotions.com/tracking/8383 35.227.209.77

JavaScript

Executed Scripts (102)

Executed Evals (26)
#1 JavaScript::Eval (size: 4) - SHA256: 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408
this
#2 JavaScript::Eval (size: 112) - SHA256: a537b5f7b661a7e03cf06c3bdebcd9f3dd0e8914091757ca1eb4933dfdf06c69
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(6).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#3 JavaScript::Eval (size: 112) - SHA256: f329ec79ac2033511a82eb0a5011170218b09f419a501f3c4230f0a9ca8b04a2
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(9).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#4 JavaScript::Eval (size: 31) - SHA256: 83ba63efde4d727ac5babaea99f131c7a173c43d8ba138525523e267bf5f19c9
window.location.ancestorOrigins
#5 JavaScript::Eval (size: 112) - SHA256: 8008b1b37a49037f1b4e504c18e8c4bd357026b0c666c273d14350424105217b
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(3).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#6 JavaScript::Eval (size: 113) - SHA256: 62fdae530d88408b1cc4946eecd70fda26cae40808523e8e139628cb67247a07
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(14).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#7 JavaScript::Eval (size: 113) - SHA256: ca1582320c12eedbe87181d93fc1a21f4514850f621f2a46c5181ce50a0169b2
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(28).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#8 JavaScript::Eval (size: 14) - SHA256: 0510de046e8325540849bad09f31eaaa3e9256fafd330c5d57327dc948812a33
/*@cc_on!@*/ !1
#9 JavaScript::Eval (size: 17) - SHA256: 17f5bfdbae6b35ae8bc3b27c069526d694021fe1e37a8027678e770fbb05e061
/*@cc_on!@*/
false
#10 JavaScript::Eval (size: 128) - SHA256: ab56d0ee9925bde1d48c8ddb280506b51c52c52e0d54d5ea65e67ce04fd33b93
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(5).indexOf(google_tag_manager["GTM-N68RHD7"].macro(7)) ? !0 : !1
})();
#11 JavaScript::Eval (size: 130) - SHA256: de7f0db937335d77f276ef125fc2050929d3bc0c6c51f1ebbed3b8998ffb0a3a
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(27).indexOf(google_tag_manager["GTM-N68RHD7"].macro(29)) ? !0 : !1
})();
#12 JavaScript::Eval (size: 130) - SHA256: 5efe4015dc7e7f42e86be1041655d687b42df2722ac746db90eba1a9f3cf3989
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(36).indexOf(google_tag_manager["GTM-N68RHD7"].macro(38)) ? !0 : !1
})();
#13 JavaScript::Eval (size: 20) - SHA256: f83271bbf9f61f53799bbe1ea9aa015e44b5b2ab3d7a94605b3aa390d2bfbc59
(function x() {})[-6]
#14 JavaScript::Eval (size: 20) - SHA256: 989aee59bc8b1d209d85b911b79e19acbd4f38b57f507a32a8824db502e689e0
(function x() {})[-5]
#15 JavaScript::Eval (size: 7) - SHA256: 05f06428ae6926ccb3847eac1c4adbe310cdeb3f5db585f26c2b9bb7887bff03
!+'\v1'
#16 JavaScript::Eval (size: 128) - SHA256: 07fefc4a42c2422b8cc74180566c65218f9d29f8d68c34ad63e3197b354f963d
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(2).indexOf(google_tag_manager["GTM-N68RHD7"].macro(4)) ? !0 : !1
})();
#17 JavaScript::Eval (size: 113) - SHA256: 9c395712e42dfb14d917a95c710c24afeb04ca6699729f917148a894682f5a90
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(42).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#18 JavaScript::Eval (size: 11) - SHA256: f587a8350df0c0f85a945195aac9f88d92f340e865a2e7fb23ad516da6623618
'\v' == 'v'
#19 JavaScript::Eval (size: 130) - SHA256: 898a0daeb2368d3466ec1d02d0638264b0cfec3bee7fbfe1c755bf4c6f853680
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(18).indexOf(google_tag_manager["GTM-N68RHD7"].macro(20)) ? !0 : !1
})();
#20 JavaScript::Eval (size: 113) - SHA256: 9612617e766bf906cd029e512f6e0e96d9961630b36f88abf4bb6649682d67f1
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(23).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#21 JavaScript::Eval (size: 130) - SHA256: 5d80c41a99ad13a8b59d65b8faba825421f3c425d5fe5bf8a84aee053cae9cf5
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(22).indexOf(google_tag_manager["GTM-N68RHD7"].macro(24)) ? !0 : !1
})();
#22 JavaScript::Eval (size: 113) - SHA256: fe5198c46d45cefcdb217db4c42392d25057091df912dbb50518495b3221a844
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(37).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#23 JavaScript::Eval (size: 130) - SHA256: c8d1950a0fe0057ea51a0875996dfe29842ad1c4c3e646a76312922734a84363
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(41).indexOf(google_tag_manager["GTM-N68RHD7"].macro(43)) ? !0 : !1
})();
#24 JavaScript::Eval (size: 130) - SHA256: 03bd9cf01c2441a28010a255b5c86f69e05407e3ceb6c4fe1603d80e2433c6c5
(function() {
    return -1 === google_tag_manager["GTM-N68RHD7"].macro(13).indexOf(google_tag_manager["GTM-N68RHD7"].macro(15)) ? !0 : !1
})();
#25 JavaScript::Eval (size: 113) - SHA256: a10d3709e42f6d883af0aade11821a363fbea8b92dbab82ca3441438062e776b
(function() {
    return google_tag_manager["GTM-N68RHD7"].macro(19).match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]
})();
#26 JavaScript::Eval (size: 18) - SHA256: 0f3342bc14063d9ed7a669eb067b50ea17b2cb7dcb51968939b72fa9ac862d91
var foo = (x) => x + 1

Executed Writes (0)


HTTP Transactions (241)


Request Response
                                        
                                            GET /tracking/8760 HTTP/1.1 
Host: www.newsandpromotions.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         34.117.221.220
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 08 Dec 2022 22:46:46 GMT
Server: Apache
Set-Cookie: _xTID=8760; expires=Thu, 08-Dec-2022 22:51:46 GMT; Max-Age=300; path=/; domain=newsandpromotions.com _xSID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=newsandpromotions.com
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Location: http://track.ecampaignstats.com/lprd/trk.php?TID=8760
Vary: User-Agent
Content-Length: 0
X-Varnish: 48036550
Age: 0
X-Cacheable: NO:Logged in/Got Sessions
Via: 1.1 varnish (Varnish/6.0), 1.1 google

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11467
Expires: Fri, 09 Dec 2022 01:57:53 GMT
Date: Thu, 08 Dec 2022 22:46:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9541
Expires: Fri, 09 Dec 2022 01:25:47 GMT
Date: Thu, 08 Dec 2022 22:46:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F542579E3A3577A646BABDE862282C2AFDA6ED784360A915143216100F7A3D91"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3707
Expires: Thu, 08 Dec 2022 23:48:33 GMT
Date: Thu, 08 Dec 2022 22:46:46 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 22:08:15 GMT
age: 2311
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 4g6IQCWliryShscOpVG02UEqMzF6H0azP4OnuoAM+HdkHImrx8ZWOraLlLA7KVxSYDAv3x2kQCI=
x-amz-request-id: TTPJCVP4HQTZFY4P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 21:48:04 GMT
age: 3522
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 08 Dec 2022 22:46:46 GMT
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 22:07:58 GMT
age: 2328
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5065
Cache-Control: max-age=128669
Date: Thu, 08 Dec 2022 22:46:47 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:31:16 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /lprd/trk.php?TID=8760 HTTP/1.1 
Host: track.ecampaignstats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         209.148.95.13
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 08 Dec 2022 22:46:46 GMT
Server: Apache/2.4.52 (Debian)
Set-Cookie: _xTID=8760; expires=Thu, 08-Dec-2022 23:01:46 GMT; Max-Age=900
Location: https://www.cardealsnearyou.com?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content=&utm_term=
Content-Length: 0
Connection: close

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JxVypR1tyLcB7KOBN+rGcg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.202.70.174
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: f0o9qhY0PetIBnc1xBSv8S6J/Sw=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "42D6AFDE50843D5F5247AB2ACAB5DD0637822A6AF0DE0F1B17EAC1440B4CDC56"
Last-Modified: Wed, 07 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20759
Expires: Fri, 09 Dec 2022 04:32:46 GMT
Date: Thu, 08 Dec 2022 22:46:47 GMT
Connection: keep-alive

                                        
                                            GET /?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content=&utm_term= HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         8.38.122.197
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
x-b-cache: BYPASS
x-redirect-by: WordPress
set-cookie: stm_visitor_1=58464791; expires=Sat, 07-Jan-2023 22:46:47 GMT; Max-Age=2592000; path=/
location: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
date: Thu, 08 Dec 2022 22:46:47 GMT
server: Apache
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7811
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 22:46:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7811
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 22:46:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7811
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 22:46:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7811
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 22:46:48 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8204
x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtKfEiToAMFSXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 15:12:28 GMT
age: 27260
etag: "6cee6b1828c709f68b995197ca943a5c393f86fb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8204
Md5:    9cb76c68a8cd472600106cc118067868
Sha1:   6cee6b1828c709f68b995197ca943a5c393f86fb
Sha256: 009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7919
x-amzn-requestid: 05f49b7c-7c76-4df4-8258-c270078d8fe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctl_TH-KoAMFkWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9fb-1971e1e0359763a96b4d320b;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:06:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BEsmH1BkWu_c_-qHStWD1CT1Lx1AZVcw9tnLcoGZCmnjwFWdtB7BRA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:02:50 GMT
age: 6238
etag: "d795c519ea637a213aab1d80daaf44ce5ad19069"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7919
Md5:    b1a13d12c326848d5b7adeb2562a35a5
Sha1:   d795c519ea637a213aab1d80daaf44ce5ad19069
Sha256: f7b99c93b99268e1b2fa438d493cf23cd75a98833710ddd22b5278a76e9f019a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3030
x-amzn-requestid: c5e5e4a1-bc45-42e8-a021-9c8f99e22556
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czUqCFWBoAMFiqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639134a6-5cc9bdf360f2bfb54e16b448;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: x5FUJ8Cbw9B9BWcHlencYw564Xri5cgoVXkQ2MbhEjYq7Y5v2P0IxQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 14:51:55 GMT
etag: "33edd1469c54a08e3c4cb0003b87b225eba55b3f"
age: 28493
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3030
Md5:    a1be0ae00ba0c6009ac14c8df38b8ad0
Sha1:   33edd1469c54a08e3c4cb0003b87b225eba55b3f
Sha256: ab70390c49c5bb3dd7e97ba008c01213a59b3bc271aa8a350ab35ff422d8b3fd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kTEbkncBnAJmQE8cdAqvDtejiwaetpRBsVcpLXy1h52lO4iUkzmOGA==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 16:28:48 GMT
age: 22680
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7960
Md5:    eb00a2a503a690cee3e4dd729b5bc9bd
Sha1:   cfb1e5bcab2148a777889680e6e36b9d7e8917ec
Sha256: 7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7217
x-amzn-requestid: be9196fc-3d43-49db-8522-8781cbf5a247
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUEDEWpIAMFqUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e6-04b24220213872ba378d3538;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4QlJZW4ZiPNVhOJbcRldanR8veym3l0sIBGa1Ym-4FOTT_utMQeZQg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 08:39:07 GMT
age: 50861
etag: "2506152cdd1056533116feb9350124356e570e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7217
Md5:    955c6ac69b89f6cbd497df53fcb2ae1b
Sha1:   2506152cdd1056533116feb9350124356e570e54
Sha256: fca1b303a554aa9cdd13c4769a1088e1905ef888ed703de17864fe76ff880abe
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47563cf2-d887-4c1d-a3b9-0b5151226171.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8709
x-amzn-requestid: 8c5094d3-3286-44db-bd3f-9369cd8220eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LYGGm6oAMFn1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925900-2ea563bc1b5aa87a0ebd6251;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oHNHICPfq1U2qYhNmrtf5_56-jtn-zOMPGvBdhXICE493RfJ1cFCvA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:59:55 GMT
age: 2813
etag: "cac4e03ae9857def8b094e005647c3e49c34d686"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8709
Md5:    0321199622f614202a646f925521ace7
Sha1:   cac4e03ae9857def8b094e005647c3e49c34d686
Sha256: 042494598add540a49650d5556d33bf53f647d77e64fbf13f3d881ebf251a525
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 22:46:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 165
Cache-Control: max-age=88112
Date: Thu, 08 Dec 2022 22:46:49 GMT
Etag: "63911de4-117"
Expires: Fri, 09 Dec 2022 23:15:21 GMT
Last-Modified: Wed, 07 Dec 2022 23:12:36 GMT
Server: ECS (amb/6B7D)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /maps/api/js?key=AIzaSyDr1xM6IU4fHaTYM8RxC9hoou0Ig_58ITc&libraries=places%2Cdrawing%2Cgeometry&language=en&ver=2.0.1 HTTP/1.1 
Host: maps.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 59158
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=26
date: Thu, 08 Dec 2022 22:32:55 GMT
expires: Thu, 08 Dec 2022 23:02:55 GMT
cache-control: public, max-age=1800
age: 834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2447)
Size:   59158
Md5:    4e268119117762d1206cd251bdd04441
Sha1:   f691e436e17a3349c4ffd67b88a23e818e973023
Sha256: 8ba0f96b20b2d8264bd171eca86374f2c146df466b87e2317f52f1624b1ccc15
                                        
                                            GET /maps/api/js?key=AIzaSyDRiOJcH5jlSFqsAFGOgkGLZ02XvQSMTHo&libraries=places&sensor=false&language=en-US&ver=5.1.2 HTTP/1.1 
Host: maps.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56002
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=22
date: Thu, 08 Dec 2022 22:32:55 GMT
expires: Thu, 08 Dec 2022 23:02:55 GMT
cache-control: public, max-age=1800
age: 834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2459)
Size:   56002
Md5:    1cb0bc690dabc60e9268d89c14aeb21b
Sha1:   fdb06535fd8100a1344e3a0a6925db020a95e586
Sha256: 35605bff5beee283e6a569e456b74aa2763a80cef5ebc0123206b055937a33be
                                        
                                            GET /css?family=Montserrat:400%2C400+%21important%2C700%7CRoboto:700%2C400&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 22:46:49 GMT
date: Thu, 08 Dec 2022 22:46:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1195
Md5:    07642532ef3f57996652367e3a735133
Sha1:   6f7327ad6f02c98b80f11366107ef4d5abe7dd83
Sha256: 73097f704df43c8124c3297a57e7a9b70acc47287b9d247ca08e389adbb68f68
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 22:46:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/dynamic-content-for-elementor/assets/css/animations.css?ver=2.7.10 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 30 Sep 2022 03:50:02 GMT
etag: "3cfb-5e9dce38493fc-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1551
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1551
Md5:    590881ddb2faca501eb64a1cae756d2a
Sha1:   095a054091ac2d12de37d460b54fac424f406fc1
Sha256: e4ac349500702dcd738cde2fb9eb760d6d11d762e25997a39e3cb9db23ad40a3
                                        
                                            GET /wp-content/plugins/formidable/css/formidableforms.css?ver=10181831 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 18 Oct 2022 18:31:28 GMT
etag: "c8c4-5eb534ce47ce3-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8583
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (51296)
Size:   8583
Md5:    ea90d24c5f8e265b80412d77c8fe82ce
Sha1:   9aa22159c8a3ad5e7980e8efc9d5ddd692236207
Sha256: 639d7e1e608414d341a42ed372d15f0f18caf92bb9cd946de61f814d711eea01
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 13 Jul 2022 13:21:17 GMT
etag: "15b64-5e3afa8f72a1e-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11681
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   11681
Md5:    e5548800176e913a9084f47a3e1e04f6
Sha1:   eff4604acc5c26ae82a19188de2f98bf5b79d80c
Sha256: a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 25 Oct 2022 16:45:04 GMT
etag: "aab-5ebdea14c16e2-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 972
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   972
Md5:    8bf268dfcca7cb20719b7ea14373ef4a
Sha1:   58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
Sha256: eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 22:46:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/stm_fonts/stm-icon/stm-icon.css?ver=1.0 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 25 Oct 2022 16:53:57 GMT
etag: "18eb-5ebdec10e3351-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1333
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1333
Md5:    bca8508ed19ce66d215162de0dcd5743
Sha1:   538112b87de9de0ca1b5b7e2d446a3244e2f523a
Sha256: b080aba9c0cbdeb630352ebbce2c83a06783a09e4c34d54a0c8e73aa408582ef
                                        
                                            GET /wp-content/plugins/stm_vehicles_listing/assets/css/frontend/owl.carousel.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:14:48 GMT
etag: "e2e-5d9e1308340c7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 899
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3630), with no line terminators
Size:   899
Md5:    0fd6cde7646e79e085a7bcd4e54454e1
Sha1:   6af9258308691fc18f233b3a716bab3d0ef49426
Sha256: 4ba6f1bcf100600b7f2e008c46cc8597916f14c8db378fa507f2daaa3560740d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/stm_vehicles_listing/assets/css/frontend/grid.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:14:48 GMT
etag: "2b33-5d9e13083350f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1444
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (540)
Size:   1444
Md5:    010ba361ace5fbb7d07bd66b3a48cf2a
Sha1:   c60c40f4e72c63363b68ba02a2a19b682041a10f
Sha256: f3edb316d73bcd98551b4d90fb059d3ebf5307852a046a507915fb0d8a7a60b8
                                        
                                            GET /wp-content/plugins/stm_vehicles_listing/assets/css/frontend/lightgallery.min.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:14:48 GMT
etag: "50b4-5d9e130833cdf-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3790
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20660), with no line terminators
Size:   3790
Md5:    b8f5fb406b5dde0528079b1f2957f623
Sha1:   cd9e95a4c9121e714058ccd4b4bb20abfabc9080
Sha256: d906fb4ec194f825b3a60ba2367400588fee92446204b49fdab907258b0e68c1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 497
Cache-Control: max-age=167672
Date: Thu, 08 Dec 2022 22:46:49 GMT
Etag: "63925360-118"
Expires: Sat, 10 Dec 2022 21:21:21 GMT
Last-Modified: Thu, 08 Dec 2022 21:13:04 GMT
Server: ECS (amb/6B7D)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120120
Date: Thu, 08 Dec 2022 22:46:49 GMT
Etag: "639199a3-1d7"
Expires: Sat, 10 Dec 2022 08:08:49 GMT
Last-Modified: Thu, 08 Dec 2022 08:00:35 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Tq_REmHXh6xP_THnyEPxvuxrso3_ZDZuQjUdiOiP_0c3GUNSMfd9Ag==
Age: 494

                                        
                                            GET /wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1670539608 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:15:37 GMT
etag: "e7d0-5d9e133737f19-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12869
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (59158)
Size:   12869
Md5:    d7913fc87c4606f82b4ee77a8d47fc2f
Sha1:   62a54acf7535ae53425b44dadfe5fdabf3d8300a
Sha256: bb05c88bb0b82e2f14f1efb94b4c3511292f74c3bb7cb0b104d300a42a49492f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/stm-megamenu/assets/css/megamenu.css?ver=2.3.1 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:17:22 GMT
etag: "a149c-5d9e139b90cf5-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 29438
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (545)
Size:   29438
Md5:    45f6eab951ca317ec475b529f46417b4
Sha1:   fce41b7dd131001beb3f1dc96a1793452f624b44
Sha256: a231e34d708b1f7663ec942c27dd9eec1fcdf574b8f9431522d3c360afbf32a2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/css/service-icons.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "fad-5d2c3afd921f0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 977
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   977
Md5:    641140f1223ff5df29ee18f8c8f70aba
Sha1:   ee0c640727fd652e863fd635d520b173e8b40d13
Sha256: b5bc1943b25ef3c81c37dfb34d070364f53739ca18660bb96809c5a3225541aa
                                        
                                            GET /wp-content/themes/motors/assets/js/classie.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "7b4-5d2c3afdeea89"
accept-ranges: bytes
content-length: 1972
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1972
Md5:    55e1109b3022c56ad23c5ba676055619
Sha1:   a940196e1ddfad80d753dd70484da942a3b2c2b4
Sha256: 9477ec4f89eb231b413a95b7438ababe1800c2cff84bb08283dedadf565731f1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/jquery.cookie.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "c9f-5d2c3afdf1582"
accept-ranges: bytes
content-length: 3231
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3231
Md5:    274f1795c34d6b35e0e79eb1633abe23
Sha1:   a9e973e7d4830462c90a44f4766ab4e1f5177fe5
Sha256: 582e7032302e4a28726d52ff3ff8db3bb0d1b3a7c1e83e38890ee62bc0a174ed

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/css/boat-icons.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:33 GMT
etag: "12c6-5d2c3afd50329-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1007
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1007
Md5:    ed52b7ca5b3418b28153da35cedf6071
Sha1:   4487d8be68353b68bd5cc1d13f3f06f9cdbcfb27
Sha256: 19c044faacbde16eff6a8dbde2c95c527de4de1d75240f3e32f93de390db7582
                                        
                                            GET /wp-content/themes/motors/assets/css/rental/icons.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "658-5d2c3afd91638-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 516
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   516
Md5:    277e52066662b1b4a68efef4e93727e2
Sha1:   a2f2b791f3510e4b5d44554e004f60d041ceca9c
Sha256: 3659bb3504f8f1972b298b0e35d3a7bb23abad8480b894c730a6081159daf0cf

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/css/motorcycle/icons.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "5b3-5d2c3afd90a80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 490
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   490
Md5:    cb10860ede4d9ab43f9cdb5aaae451bd
Sha1:   e3910ef96d8ceb6550f9ea6a58c712d004b79acc
Sha256: 33da399f2c6220f71350a51b05a19058cec7ccc070e5b1c18520d0eaec608830
                                        
                                            GET /wp-content/themes/motors/assets/css/listing_two/icons.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "401-5d2c3afd8fadf-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 427
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   427
Md5:    19bb036adf9fd75599fa621d9cb38848
Sha1:   52111ce03d19317deb4405fe90e46fa556d3acd7
Sha256: 03e075be68024ed59155efdb887c1154ea3685980f4d35da09c6b2f21101a69a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/css/auto-parts/style.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:33 GMT
etag: "6bb-5d2c3afd4ff41-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 544
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   544
Md5:    647499d93bd6ced6839431fee63db188
Sha1:   2090144108643c4f8ad4181e18c7625a9019615d
Sha256: 46cb51a861e4887e2d2017ac5e6eb349bc2b4427948598d26d6e55e6e15dcf58
                                        
                                            GET /wp-content/themes/motors/assets/css/magazine/magazine-icon-style.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "3e5-5d2c3afd902af-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 421
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   421
Md5:    5c1a960d788c02bad2b16c27e454c54c
Sha1:   173296d3fc4e8de3414a123deb279dfdd64bd034
Sha256: f11d0b6e69aaf946642073a7cca64a84239b56463ea101419eb5cc2249a4bf5d
                                        
                                            GET /wp-content/themes/motors/assets/css/stm-aircrafts-font-style.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "5dd-5d2c3afd98f53-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 500
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   500
Md5:    e3aa2e50e7548a11d09b751859c1becb
Sha1:   576d4d743e87890fcb1d27c9b612095dc38f157f
Sha256: 08390ab2377861fbbeae93767265f829763ce9cbe12a73f93e79ce3eb2ce6c2c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/motors-vin-decoder/assets/img/vin-check-btn.svg HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Fri, 30 Sep 2022 03:50:26 GMT
etag: "434-5e9dce4f3cf9d"
accept-ranges: bytes
content-length: 1076
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1076), with no line terminators
Size:   1076
Md5:    d0b222e20615087119d27f2619371dd0
Sha1:   dfa0a9fa19d7a53f94e430dc6210bb199b81d441
Sha256: d47df921df4e7d3e59b1b157ab1d80bdda634160a5e1f2f6251418964121b9f1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/motors-vin-decoder//assets/css/icons.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 30 Sep 2022 03:50:26 GMT
etag: "586-5e9dce4f2e538-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 404
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1414), with no line terminators
Size:   404
Md5:    dcadca1139e6522100c6ba8850f572ca
Sha1:   dca0ee9e0f96f5f8d399e2aee39b26ff26a4ee18
Sha256: bb206bb906b05edee537c89d075ec04bc570ff9f7e59270d803b6f4bb80f2534
                                        
                                            GET /wp-content/themes/motors/style.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:35 GMT
etag: "298-5d2c3afeb1417-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 396
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   396
Md5:    5b14aab06cc4ce54392ef426221ba25d
Sha1:   07f40c8f54e83ff19f3d0b03529419cf0f93f1e5
Sha256: 32acde4090f36bd8d830b58765765d2fc848935052bb4154be54fb786447666b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 30 Sep 2022 03:49:49 GMT
etag: "14d6-5e9dce2b4f716-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1108
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5334), with no line terminators
Size:   1108
Md5:    0b06d9e311712e0f5c38e06f549d646c
Sha1:   96ffc4906d416ca3c5e0aa21fc2d6ea262b4f8bd
Sha256: e3c5dbba5924a8329f175882cd40dba5f02b082fb631dc6510119a88ce19b112
                                        
                                            GET /wp-content/plugins/wp-auto-affiliate-links/css/style.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 30 Sep 2022 03:49:44 GMT
etag: "c78-5e9dce267100a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 998
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   998
Md5:    863bd6ca1f3e51547c37bbf7f3a621ed
Sha1:   b24c95e413ff38ea4e4bf0abf88db4feebe9f565
Sha256: b895c8a154b420f9612aa9911eb4a1599585fc21e550dfff747226a1f38e59e5
                                        
                                            GET /wp-content/plugins/motors-vin-decoder//assets/css/service-icons.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 30 Sep 2022 03:50:26 GMT
etag: "ce6-5e9dce4f2e920-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 691
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3302), with no line terminators
Size:   691
Md5:    ab6f97ea7059c232693a4b570e087b62
Sha1:   dcfe539ea4e28d385ce694223174123f82e14ac0
Sha256: 6d7bc8cdd8c2936c4e49bca0f1f14363bc020331fba7379c0f741f85e014ab6f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/motors-vin-decoder//assets/css/stm-icon.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 30 Sep 2022 03:50:26 GMT
etag: "11f1-5e9dce4f2f0f0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 922
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4593), with no line terminators
Size:   922
Md5:    db40a8a36efef57420f92ea109fc33a2
Sha1:   5554034fed439657049ea0b3bd7eb43d9aa0fb50
Sha256: c3ff3a300e8016e244ca4e49de4285da191044970ddcf0f93710d014481f5765
                                        
                                            GET /wp-content/themes/motors/assets/css/jquery-ui.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "1ad9-5d2c3afd7d9c9-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1833
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1165)
Size:   1833
Md5:    9c409d2d0082c4c92f139b79b9b56496
Sha1:   71af88ff8fb89bbde6780e3654e9ac5efcf6cd72
Sha256: 3abed05aa50906e4ba6d49983bd2c324bd57c9a0a4e74b52f95ceb965d27f27f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/css/select2.min.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "3a76-5d2c3afd91e08-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1998
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14965)
Size:   1998
Md5:    8e684dd388239a6bcac3bc41e52c4e17
Sha1:   2691065d51586e3fdcfce1ea8e51787a05061989
Sha256: f5e41c52b1303b9ad13beb859f02abc7397d27e3b6504c5bd82a2b68dfa6ece4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /px/smart/a/?c=243b667b11e7ebf HTTP/1.1 
Host: a.clickcertain.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cardealsnearyou.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.74.207
HTTP/2 302 Found
content-type: text/javascript
                                        
date: Thu, 08 Dec 2022 22:46:49 GMT
content-length: 0
location: https://a.clickcertain.com/px/?c=243b667b11e7ebf
set-cookie: _ccpx_u=17e7c6fd%2dfd39%2d41ef%2db467%2d585c65734e94; Expires=Fri, 08 Dec 2023 22:46:49 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-554675d589-2qlzc:cc-nginx-554675d589-2qlzc
x-requestid: 31dca6b3-23e5-401a-94b1-128fd8209c65
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEynEG6mZhb3j3Xr%2FPEJqofongmWj2MIcpxCY4ZTz1ozQhio3TbExXdvT2z9qxQavt3E%2Foe7MHUna7WX%2FyD%2Fn2P3cooOsgNvUMI%2BF1huIKhHSmsjhd9C7%2FBNvc23npz%2F0LlkYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77690a0e6e6bb503-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /rt?aid=18662&e=1&img=1 HTTP/1.1 
Host: rdcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         52.7.240.180
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Thu, 08 Dec 2022 22:46:49 GMT
content-length: 121
cache-control: private
location: /eow
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
set-cookie: aid=18662; expires=Fri, 01-Jan-2038 06:00:00 GMT; path=/;SameSite=None; secure ref=https://www.cardealsnearyou.com/; expires=Fri, 01-Jan-2038 06:00:00 GMT; path=/;SameSite=None; secure img=http://rdcdn.com/rt?aid=18662&e=1&img=1; expires=Fri, 01-Jan-2038 06:00:00 GMT; path=/;SameSite=None; secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   121
Md5:    3566835ab38329ddb105f8649131cabb
Sha1:   72eb59670ff0ea8cc99983629acc33aebd65a6e0
Sha256: 66b563593020781cd23517f1e111f600993a0b893f79970b32e9f95147db269c
                                        
                                            GET /wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 10 Mar 2022 18:19:20 GMT
etag: "385-5d9e140bc8be3"
accept-ranges: bytes
content-length: 901
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (715)
Size:   901
Md5:    e0b6ee7035469fab34982887e7ef21f7
Sha1:   8f38f75ae3db197142744524b6fcb8dc11efd577
Sha256: f7f639c14daca92fe9f66f08d4ef076d2413eb99dbc35129158de1814d1d7c91
                                        
                                            GET /wp-content/themes/motors/assets/css/jquery.stmdatetimepicker.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "4981-5d2c3afd7ddb1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 4618
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1961)
Size:   4618
Md5:    2dbe5d4f94fdcf3df53ec6071a433b32
Sha1:   b71af6bb415f16b2624d97e8914137399c8ec596
Sha256: 0850bfcae403b88d409a60d16d73c6e1f7ef1c8274c5b090ab290b2aa7923546

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.7.0 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:16:31 GMT
etag: "865f-5d9e136b05866-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 4260
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (34217)
Size:   4260
Md5:    ff23202f1227d35b13635501c86b2156
Sha1:   31c5de356f90da7a53468ef8ed0a9237cdaa67ce
Sha256: c4b5a8cbcaef7b3a6d4d2f1a3d68cfac3a2ccb7fbfcd7ae212bf2c39fc85ed42

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 17 Dec 2020 15:23:57 GMT
etag: "2bd8-5b6aa9497f7ec"
accept-ranges: bytes
content-length: 11224
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   11224
Md5:    79b4956b7ec478ec10244b5e2d33ac7d
Sha1:   a46025b9d05e3df30d610a8aef14f392c7058dc9
Sha256: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/jquery.touch.punch.min.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "50b-5d2c3afdf38ab"
accept-ranges: bytes
content-length: 1291
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (1090)
Size:   1291
Md5:    700b877cd3ade98ce6cd4be349d81a5c
Sha1:   c1c36e6927436231eb20474356b29667c4c648aa
Sha256: 000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/vivus.min.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "2eb3-5d2c3afe1d89a"
accept-ranges: bytes
content-length: 11955
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11790)
Size:   11955
Md5:    edca8ffeb6cac2f6d5f9186043d569b6
Sha1:   ff20f18369ad92eedfee40a0cd461510eef41756
Sha256: 6cbced0782f23b4da0f1c24988d05a1395af3f6399a50cdd79114f1aac5b2b0c
                                        
                                            GET /wp-content/plugins/motors-vin-decoder//assets/css/vin-decoder.css?ver=e36eae1c9f3075d8b2de55c94dc7e512 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 30 Sep 2022 03:50:26 GMT
etag: "5b46-5e9dce4f2fca8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 4490
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (23366), with no line terminators
Size:   4490
Md5:    409ed4df68521a808313b7ce8d2875d3
Sha1:   2bfeb5236e3db8e1ed77213d8dad9e97b6f7bb17
Sha256: ec27d1caa25b46911cbe9f09fc12684cb3dc2c07c36972f6f9b9304145e9fd62
                                        
                                            GET /wp-content/themes/motors/assets/js/jquery.cascadingdropdown.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "3af3-5d2c3afdf119a"
accept-ranges: bytes
content-length: 15091
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   15091
Md5:    d46dc465806c94eb45c31ef252cc4d3e
Sha1:   6af119bb9785f07c0bdb0a6be7ade13cc045135c
Sha256: 17fb1aea21344fabd758897bdf5b704ee83e417efd5411c836cfef6ec2dfc41a
                                        
                                            GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Thu, 10 Mar 2022 18:16:09 GMT
etag: "44-5d9e135542066"
accept-ranges: bytes
content-length: 68
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size:   68
Md5:    2a637d3d825673c0e3462fa4ed9a1c5c
Sha1:   81668d396da22832d75a986407ff10035e0d5899
Sha256: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
                                        
                                            GET /wp-content/themes/motors/assets/css/animation.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:33 GMT
etag: "14f25-5d2c3afd4f388-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6679
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   6679
Md5:    c539b9aac3a65cca3f449ef37e548ccb
Sha1:   b87a9e1f75f50a6d22ee1d783d3689d674204f0b
Sha256: 7e9d9f8aacc325dc3d2abfa0252b9049cd3399c7f81cbf32f776c4644d0ec698

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/app-user-sidebar.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "382-5d2c3afdec760"
accept-ranges: bytes
content-length: 898
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   898
Md5:    233c154fec1bd47cb2d7c5c9c5f70941
Sha1:   40260ff178c49cf3ecffe7b8484d07e52308cead
Sha256: f0fcb6a32306c5ff4a50df8e19e176be412c7ec0b9306c8083347a52c98ca1bd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /eow HTTP/1.1 
Host: rdcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cardealsnearyou.com/
Connection: keep-alive
Cookie: aid=18662; ref=https://www.cardealsnearyou.com/; img=http://rdcdn.com/rt?aid=18662&e=1&img=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         52.7.240.180
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Thu, 08 Dec 2022 22:46:49 GMT
content-length: 151
location: https://rdcdn.com/images/blank.gif
cache-control: private
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   151
Md5:    82133787c1fcce4fd893463e0b0b3ecb
Sha1:   f4af96850470b845614985cb3a56d9e16ad14e9c
Sha256: ba90dc61e3a7b2caff87da8bf66ff677120d58b1f76e79f40dcfaac4cf58a555
                                        
                                            GET /maps/documentation/javascript/examples/markerclusterer/markerclusterer.js?ver=5.1.2 HTTP/1.1 
Host: developers.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 16 Jan 2017 03:43:59 GMT
set-cookie: _ga_devsite=GA1.3.3339737515.1670539609; Expires=Sat, 07 Dec 2024 22:46:49 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-hwV26b+NRvDMo75yVTN2+RLWUpyYQw' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: 0f3596e1ac26bf4d777519f53aae4012
vary: Accept-Encoding
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Google Frontend
content-length: 8937
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   8937
Md5:    4006fd0e4f448db64df98fa9432dd4dd
Sha1:   922d5e7280dbdbbfd0590787673bacd3056fa854
Sha256: 5e0998066136dbf281d390f94e4cff15fdc5e459d29e2a0741740e7aa6afd806
                                        
                                            GET /images/blank.gif HTTP/1.1 
Host: rdcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cardealsnearyou.com/
Connection: keep-alive
Cookie: aid=18662; ref=https://www.cardealsnearyou.com/; img=http://rdcdn.com/rt?aid=18662&e=1&img=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         52.7.240.180
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 08 Dec 2022 22:46:49 GMT
content-length: 42
last-modified: Thu, 23 Dec 2021 21:40:22 GMT
accept-ranges: bytes
etag: "0e70b045f8d71:0"
server: Microsoft-IIS/10.0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    accba0b69f352b4c9440f05891b015c5
Sha1:   9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
Sha256: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 22:46:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.7.0 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:16:31 GMT
etag: "dc69-5d9e136b05096-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12251
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (56243)
Size:   12251
Md5:    56ff26e4540fe0eb470200be12da9539
Sha1:   e55c1cf13307417eb0721280047dfe0a7e870752
Sha256: 41bd8b382a880ae6ec59d84506d7b5ba03c23eb9dd5b4044eb8f50e182fb39f4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:16:10 GMT
etag: "e197-5d9e13570059b-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12303
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (12602)
Size:   12303
Md5:    ec14123fd07ef488fc1aff60a6f99c13
Sha1:   55e9b5c3cad505a780d948349d9009867368cf6a
Sha256: 46e3efd2835c5f189acbe5c392d41ce6b86f2cfe3f064cdd6780032777f5706a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 17 Sep 2021 17:31:52 GMT
etag: "15db1-5cc344e9c4b4e"
accept-ranges: bytes
content-length: 89521
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   89521
Md5:    02dd5d04add4759122013c5ab4dc5cc2
Sha1:   a45a56e396ac549b4ff39b696ce9e0c16a7612de
Sha256: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
                                        
                                            GET /wp-content/themes/motors/assets/css/bootstrap.min.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "1ca38-5d2c3afd55d03-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 19250
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65371)
Size:   19250
Md5:    a69801e0e683a8efdc50685e08da6a5c
Sha1:   6f9e7217c522f9e426b01836de5ca4b489da9cc8
Sha256: af869524400958bf10cefcd1a2790715f9f569117fabe6c69e24e5ca65e45321
                                        
                                            GET /wp-content/themes/motors/assets/css/dist/headers/header-car_dealer.css?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "271fc-5d2c3afd691a1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 10852
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   10852
Md5:    d23d8ee10642ccb21ae0153d554fda59
Sha1:   6de0a2d9861421f92ed4f77633c47ebbb9736022
Sha256: c70f9c79a5d06d76a364ba8fa18218ef77aa585888ca2a418d61753edfec6e30

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/stm-megamenu/assets/js/megamenu.js?ver=2.3.1 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 10 Mar 2022 18:17:22 GMT
etag: "ddc-5d9e139b93406"
accept-ranges: bytes
content-length: 3548
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3548
Md5:    1d26ded5f43ab4a713a025725d980d93
Sha1:   f6372bb22d53b2986160a3ff764f6ef2e615130c
Sha256: 69e9d8eeb0cc13a23f786c0dafd6909001e394d69d397083473ccd6ee2f0b234
                                        
                                            GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 30 May 2022 03:23:25 GMT
etag: "d53-5e0322dd55ac3"
accept-ranges: bytes
content-length: 3411
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3233)
Size:   3411
Md5:    5c38aa6d5b98586ca2ba973ab8b4b6b1
Sha1:   8215983363ea0d74f99368336404b0d27217778f
Sha256: 7c4dcab706e6bf67c64df89d3f5e137cb19efa293771613f511aff1ad563a6df

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/jquery.cookie.js HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 10 Mar 2022 18:14:48 GMT
etag: "c44-5d9e13084daf8"
accept-ranges: bytes
content-length: 3140
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3140
Md5:    0f1f6cd6e0036897019b376d38593403
Sha1:   498b29de6e170fffc8535183b7d6550490f0a159
Sha256: 8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2022/12/0-APR-Guide-What-You-Need-To-Know-Before-Financing-350x181.jpg HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Wed, 07 Dec 2022 17:20:21 GMT
etag: "1d4e-5ef40229a4649"
accept-ranges: bytes
content-length: 7502
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 350x181, components 3\012- data
Size:   7502
Md5:    a67452cd96a0b162ac0c5d08b7b9e604
Sha1:   8432b34cab30d2e75e33b5ce0e2bd87a0e8d8d9c
Sha256: 2d13907be02b711dba70eca9cf60821584e7a571b6228c8f258b6a578af19948
                                        
                                            GET /wp-content/uploads/2021/12/cu-1-350x205.jpg HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Wed, 05 Jan 2022 15:16:25 GMT
etag: "2462-5d4d73cb8db7e"
accept-ranges: bytes
content-length: 9314
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x205, components 3\012- data
Size:   9314
Md5:    69608054e1e55088716a9f5c97b25aa9
Sha1:   01355c2d0f11001e993866564c39313be6201df7
Sha256: 27263256df09c1beea5c70b6f8c35a3935c60a98cfa4db4685c4c4357a9c85ec
                                        
                                            GET /wp-content/uploads/2017/09/2018-toyota-camry-350x205.jpg HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Wed, 17 Nov 2021 23:18:02 GMT
etag: "24c7-5d10440e0d7b5"
accept-ranges: bytes
content-length: 9415
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x205, components 3\012- data
Size:   9415
Md5:    819068307a587d984f28e60907bdfd1c
Sha1:   6e46fea8bc6c0b264e0100c94820443f729aeac3
Sha256: a52a9b7ae1715e83974c953535f27607c6cf7b36cb5825ccdf34b0af847326ae
                                        
                                            GET /wp-content/uploads/2022/01/img-1-960x-350x205.jpg HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Thu, 06 Jan 2022 15:24:16 GMT
etag: "2c46-5d4eb76a0b233"
accept-ranges: bytes
content-length: 11334
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x205, components 3\012- data
Size:   11334
Md5:    66cc6b8b127fc5d9149fd34ec77c20ed
Sha1:   e1dad3dceaac31074655d2e7120e0c7741ea354d
Sha256: 1ce5e67c9fb60b2215f6ef8151ddc43e3ffe1587aec9e53e4e2de3d8b65780ce
                                        
                                            GET /wp-content/uploads/2015/12/6-350x205.jpg HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Fri, 17 Sep 2021 18:57:33 GMT
etag: "2f88-5cc3581046509"
accept-ranges: bytes
content-length: 12168
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x205, components 3\012- data
Size:   12168
Md5:    6687e81017d51a5ae62ac9d4a8e272d2
Sha1:   fd38828d026ea40e7e0f40835767af9d7a292593
Sha256: ac63a05279b1d4d0ed62cd73480673108d526a72ff593d0f3ac6a00d072be9d0
                                        
                                            GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/filter.js HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 10 Mar 2022 18:14:48 GMT
etag: "f0f-5d9e13084cf3f"
accept-ranges: bytes
content-length: 3855
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3855
Md5:    4b48425e53ee05842fa3dba2952cca8c
Sha1:   d69bbb7e79c27e0b6c1dd13881c1dbc7c40ba7a3
Sha256: 2ed882d62d05459ec26f592856c0b845c01576d77982041311bca039901102a4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2021/09/logo.png HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Fri, 17 Sep 2021 18:13:07 GMT
etag: "7df1-5cc34e21889ef"
accept-ranges: bytes
content-length: 32241
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1738 x 286, 8-bit/color RGBA, non-interlaced\012- data
Size:   32241
Md5:    4deff5845cbb90754c8ffabf3dfd81cd
Sha1:   1f618ced7ef5cf2a02af294275249388f6c2a835
Sha256: 5ab4cc19429e66d11688ffb55af4f733c289799eaaae054b14893ccfd13fa341
                                        
                                            GET /wp-content/uploads/2015/12/cndy1_300x250_FINANCING.png HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Tue, 17 May 2022 12:54:28 GMT
etag: "10337-5df34a41da471"
accept-ranges: bytes
content-length: 66359
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size:   66359
Md5:    0b841c6ad2aa84d74ed2b064ba608e44
Sha1:   8cbaf0736f2be0204f37d861fad78c6ac337b763
Sha256: f1c83dd7711344434da0d72a536bbf998fb6033a93efe7a8c405aa31f4e28e76
                                        
                                            GET /wp-content/themes/motors/assets/js/stm-google-places.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "12c6-5d2c3afe18a78"
accept-ranges: bytes
content-length: 4806
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Algol 68 source text\012- Pascal source, ASCII text
Size:   4806
Md5:    f130c0956c2e19ed130561577a694499
Sha1:   1ef8515331c4861d7c8ccbcc79382802dc003c83
Sha256: 930cfdcae2f9f6e399d2cf40fe97c1ce86f97cf7f6c6994573d61f4b39ce3565

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/font-woff
                                        
last-modified: Thu, 10 Mar 2022 18:16:11 GMT
etag: "1d70-5d9e1357174d3"
accept-ranges: bytes
content-length: 7536
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Size:   7536
Md5:    04eb8fc57f27498e5ae37523e3bfb2c7
Sha1:   d942ae11706c3f7e511e3c49b0e4574d7ad199c4
Sha256: f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
                                        
                                            GET /wp-content/themes/motors/assets/js/lazyload.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "162f-5d2c3afdf407b"
accept-ranges: bytes
content-length: 5679
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   5679
Md5:    2e546bbdcb575cc8ccfd49e09f8a0d1e
Sha1:   de02ee8c061a9e7b019af42d6894e9a6161c044b
Sha256: 56a580939c1b8c0a26c5fab297b2efc96e7dfe1e66b22b70adc9ef440b4d2b03

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/jquery.countdown.min.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "14db-5d2c3afdf196a"
accept-ranges: bytes
content-length: 5339
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4136)
Size:   5339
Md5:    5d3ff3c3fbaa67cc639501f44eeb07be
Sha1:   bd66e4cd58de09c198e7abc77fa4c883955d189e
Sha256: 2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/form-autocomplete-nish-premium/js/app.js?ver=2.0.1 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 19 Apr 2022 14:32:02 GMT
etag: "1c56-5dd02bd7ece60"
accept-ranges: bytes
content-length: 7254
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   7254
Md5:    7c898d32907792a4ca6d509d0c2b52af
Sha1:   b54cb8a2682a24d180f0528ef06d998f88fc3a59
Sha256: 05322da8b0c192999052935f12b463d6e5a84b224f6fae2937abeb2b27b6bebe
                                        
                                            GET /wp-includes/js/jquery/ui/droppable.min.js?ver=1.13.1 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 30 May 2022 03:23:25 GMT
etag: "19fb-5e0322dd52fca"
accept-ranges: bytes
content-length: 6651
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6469)
Size:   6651
Md5:    986cbf4f93616febf4243f6e3e76e3e9
Sha1:   7de9dd72732ca8fe46c0242749d4a705345fe0b7
Sha256: c3a015f250093ba41c36da57625051930eada74b0bb8d61b7e0c6fef36952317
                                        
                                            GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.7.0 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 10 Mar 2022 18:16:31 GMT
etag: "76878-5d9e136a58a8c-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 45810
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65358)
Size:   45810
Md5:    bfddc4ff4e82f2dd9a33b2b0bf3bb878
Sha1:   5cb05aacf9e97c6c58e02fabd69fcae22118c200
Sha256: be6316c3e4d24d0b139c1afabe5be1fd0e84e62a0e72d9f507eb32407897d4b2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/jquery.uniform.min.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "216b-5d2c3afdf3c93"
accept-ranges: bytes
content-length: 8555
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8555), with no line terminators
Size:   8555
Md5:    602e6f2ddacb95ef0f3061fd2a671f87
Sha1:   91cbe28c3c5cf6187680f4529f0c40e4cf6098ff
Sha256: 8db04d82f75d8073b25dc594a13c2dafdfb762f8d66ed1dd32f95c3420868a6a
                                        
                                            GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.1 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 30 Sep 2022 03:49:49 GMT
etag: "222e-5e9dce2b5f503"
accept-ranges: bytes
content-length: 8750
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (8750), with no line terminators
Size:   8750
Md5:    5f7dca83f1cac6295b0d4c72e325ac20
Sha1:   e0aacf1cfd0d8ed4bc37c8ef2be23d46513b71ed
Sha256: af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 25 Oct 2022 16:45:04 GMT
etag: "26d1-5ebdea14ce207"
accept-ranges: bytes
content-length: 9937
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9937), with no line terminators
Size:   9937
Md5:    dc74c9954b1944928eca0172c3b8c6b3
Sha1:   e9e00e587e0e28491b69563b4e768945ff2e0ed5
Sha256: d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/app-header-scroll.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "269f-5d2c3afdeb3d8"
accept-ranges: bytes
content-length: 9887
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   9887
Md5:    3e79399963f950548b8528e8f2ce8354
Sha1:   48f2c8bf5bf3ab66c930bbf4aaebc4d44b549e40
Sha256: 7ccc91bc49d744f8f5131ab1a1080c4fb4afad71648f71901344f76e013faae7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/init.js HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 10 Mar 2022 18:14:48 GMT
etag: "2afc-5d9e13084d710"
accept-ranges: bytes
content-length: 11004
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   11004
Md5:    ef27876965ca7a901f5d659cfef2508e
Sha1:   00ef39e8450b72bdac334c9d6d360f97dbc54c5c
Sha256: b52fb9c7daf25d03006566b0ed7941011b21a1b42041cabce73c681e8163e4dd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/sell-a-car.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "28a7-5d2c3afe182a8"
accept-ranges: bytes
content-length: 10407
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   10407
Md5:    940cfb0a414f7d25580db8ae1d593cce
Sha1:   9fc3d2e8fe80298b7698e91d50eb9a8353845e5e
Sha256: 3a1828577697300c7856c303a82e07c62a4ce6886f8783e0494b6f11638a9772

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 30 May 2022 03:23:25 GMT
etag: "29ff-5e0322dd57234"
accept-ranges: bytes
content-length: 10751
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10572)
Size:   10751
Md5:    0ee357a183287d64fcf277f66d532e6d
Sha1:   b45721bde387037ac73347020edb890ac4a77814
Sha256: 7ce6eb9cd7f07b424c34ee977214503668ae5e137d07b3fe0a37373e57686ebf
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 25 Oct 2022 16:45:04 GMT
etag: "3016-5ebdea14c45c3"
accept-ranges: bytes
content-length: 12310
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (12310), with no line terminators
Size:   12310
Md5:    1f9968a7c7a2a02491393fb9d4103dae
Sha1:   0032c8a6a692e6f072b2cef20828449402fdd57d
Sha256: f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/filter.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "30bf-5d2c3afdef641"
accept-ranges: bytes
content-length: 12479
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   12479
Md5:    66c22cb02b7d85cf5b8dad3bbddfa373
Sha1:   cf41bdb5596cda0a6492be756a1256a76a0269ab
Sha256: 92aad1c4ed170ca3235640b5acdebbd3a5433bf4b4441f4e24b88e19bc183bbc
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.7.0 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 10 Mar 2022 18:16:32 GMT
etag: "3222-5d9e136b26f99"
accept-ranges: bytes
content-length: 12834
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12478)
Size:   12834
Md5:    0bf128a0c049a8e5386d7c709e8f2d5d
Sha1:   dca62041e11fcbb5aeb958612916f3453efbcf5c
Sha256: 2d42b8a78389235460930cf4f496b8411d46a3344229e4309480803bb39d1575

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A1A69F0C72380E81AF95A7C3AD3A3503A5FCC46F0150AF9866B064E0FF9AA32F"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4915
Expires: Fri, 09 Dec 2022 00:08:45 GMT
Date: Thu, 08 Dec 2022 22:46:50 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/themes/motors/assets/js/lg-video.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "351d-5d2c3afdf4463"
accept-ranges: bytes
content-length: 13597
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   13597
Md5:    5f7d592389a8dbbf34620dd38d2d2c57
Sha1:   46405fe79ab85a930797c814d6cd8879a7553041
Sha256: 53aad6aea6b1938f9b296a38293fb4b862a066e0102020b6772e5a8c72060044

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/motors/assets/js/smoothScroll.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "5b47-5d2c3afe18690"
accept-ranges: bytes
content-length: 23367
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   23367
Md5:    28caad470346a31bde5404ea7c6be837
Sha1:   927590e21de028a332a5fa2f036c6d063860ed3c
Sha256: 11a137a3aa4740aa67ff3f25ec5034c22c5d4532b7112e3f116170039371016b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 22:46:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/motors/assets/js/load-image.all.min.js?ver=5.1.2 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         8.38.122.197
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 10 Dec 2021 05:06:34 GMT
etag: "6623-5d2c3afdf5404"
accept-ranges: bytes
content-length: 26147
x-signature: KUSANAGI
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Dec 2022 22:46:49 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (26142), with no line terminators
Size:   26147
Md5:    cb3dbe292b68411b99ee97e96b466401
Sha1:   485596ed25391964a16e53bab5f0bc0cd9519ab9
Sha256: 24f0a6a74ca6edba6bb4ff364aae0fa92eac5835b529a2e05faf8666f5cd635d
                                        
                                            GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0 HTTP/1.1 
Host: www.cardealsnearyou.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cardealsnearyou.com/?utm_source=709&utm_medium=cpc&utm_campaign=8760&utm_content&utm_term
Cookie: stm_visitor_1=58464791
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin