r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6022
Expires: Mon, 06 Feb 2023 17:07:51 GMT
Date: Mon, 06 Feb 2023 15:27:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9091
Expires: Mon, 06 Feb 2023 17:59:00 GMT
Date: Mon, 06 Feb 2023 15:27:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3392
Expires: Mon, 06 Feb 2023 16:24:01 GMT
Date: Mon, 06 Feb 2023 15:27:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 14:36:27 GMT
content-type: application/json
age: 3062
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dvEpmvt1qDNl9G+owsH0/qHCpbx1EiMlYEMmm+Bm7SuKytQp4VjDIpgejqZSOYuN06rOpqZROrU=
x-amz-request-id: G2RYDVM36QDAGKR6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 15:24:59 GMT
age: 150
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
192.124.249.130 301 Moved Permanently 511 B URL HTTP/1.1 approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
IP 192.124.249.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (353)
Hash e627ed25fd35915fe03d09760167f81c
da9a115dd8437ad3012f2fa1da2caddaa0bf911d
0be0a840bd5e8e852797022baafbfd690e291fb4fac5a66f96577f63aec9634a
GET /netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: Sucuri/Cloudproxy
Date: Mon, 06 Feb 2023 15:27:28 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 511
Connection: keep-alive
X-Sucuri-ID: 19030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cache-Control: max-age=0
Expires: Mon, 06 Feb 2023 15:27:29 GMT
X-Sucuri-Cache: BYPASS
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:29 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23 200 OK 1.8 kB IP 192.124.249.23:0
Hash e56b0acd708903a4fa7b963caf560192
a86605313becaa05619e3e09f46965fc71b820f9
6b1d71bf84afd486ac7445839e480b23b99d2ac7cc3757ba3c1bf0a9dd325080
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 06 Feb 2023 15:27:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 05 Feb 2023 20:43:32 GMT
Expires: Mon, 06 Feb 2023 20:43:32 GMT
ETag: "a86605313becaa05619e3e09f46965fc71b820f9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 15:07:20 GMT
age: 1209
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15933
Expires: Mon, 06 Feb 2023 19:53:02 GMT
Date: Mon, 06 Feb 2023 15:27:29 GMT
Connection: keep-alive
push.services.mozilla.com/
35.162.143.37 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.143.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MbRzftioDBjLBE88PzAqvQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zHtILAOCESStlHt+LSc5vGjbwfU=
approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
192.124.249.130 404 Not Found 8.5 kB URL HTTP/2 approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
IP 192.124.249.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Hash 895e7e6d2ec854ca7d2d168f804ca323
a96d39ff1590c31ddf66e87ac25ae60ef28be7d0
47db8d0b86d9da30bb7354241cdbf5cd0dcd5a99e238f34aa1717c1fb584335b
GET /netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
server: nginx
date: Mon, 06 Feb 2023 15:27:30 GMT
content-type: text/html; charset=UTF-8
content-length: 8500
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://approvalguy.ca/wp-json/>; rel="https://api.w.org/"
set-cookie: stm_visitor_1=91273074; expires=Wed, 08-Mar-2023 15:27:30 GMT; Max-Age=2592000; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 0a31b6d79db309236fb8afdd30634976
478901350be6ffb4a85646c739972d3015ef01ca
65b010ee48624bfc9a907ca6621ba9d44d712342ca5285d0bb2348b339220f07
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5727
Cache-Control: max-age=94133
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:27:30 GMT
Etag: "63dfd2b8-117"
Expires: Tue, 07 Feb 2023 17:36:23 GMT
Last-Modified: Sun, 05 Feb 2023 16:00:56 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 0a31b6d79db309236fb8afdd30634976
478901350be6ffb4a85646c739972d3015ef01ca
65b010ee48624bfc9a907ca6621ba9d44d712342ca5285d0bb2348b339220f07
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5727
Cache-Control: max-age=94133
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:27:30 GMT
Etag: "63dfd2b8-117"
Expires: Tue, 07 Feb 2023 17:36:23 GMT
Last-Modified: Sun, 05 Feb 2023 16:00:56 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=1675697250
142.250.74.106 200 OK 2.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=1675697250
IP 142.250.74.106:0
Hash 65d356ad78116a08ee84d776964df1d5
aef4098c828cbf5cea94ca3aa6b45645f82c208a
7a05694f268246115f6a332012f2c5d26de1aeeb2249bd8ce7f8e15c077894a2
GET /css?family=Open+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=1675697250 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 15:27:30 GMT
date: Mon, 06 Feb 2023 15:27:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?libraries=places&sensor=false&language=en&ver=1675697250
142.250.74.106 200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?libraries=places&sensor=false&language=en&ver=1675697250
IP 142.250.74.106:0
File type ASCII text, with very long lines (2561)
Hash 3b0db699c158a2679c003618f668b4be
1ff2f0a86db28a0c4455eb77253d307a72b2bdcc
de55dba83e03bd89fcc6fa1defb61b61c00e30237ea99b403eae3a5c804714b4
GET /maps/api/js?libraries=places&sensor=false&language=en&ver=1675697250 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Mon, 06 Feb 2023 15:27:30 GMT
expires: Mon, 06 Feb 2023 15:57:30 GMT
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55743
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
developers.google.com/maps/documentation/javascript/examples/markerclusterer/markerclusterer.js?ver=1675697250
142.250.74.142 200 OK 8.9 kB URL HTTP/2 developers.google.com/maps/documentation/javascript/examples/markerclusterer/markerclusterer.js?ver=1675697250
IP 142.250.74.142:0
File type HTML document, ASCII text
Hash 0501768ee994ac0cc9cca15bd227dbc4
0f17785b8dd39eb065fe7ecae444cbc956e56337
c42d546389a53d7e6b8d961e15d0fe8488e7ffd6b6530fbbd2f403eaa1a793f1
GET /maps/documentation/javascript/examples/markerclusterer/markerclusterer.js?ver=1675697250 HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 16 Jan 2017 03:43:59 GMT
set-cookie: _ga_devsite=GA1.3.2386735152.1675697251; Expires=Wed, 05 Feb 2025 15:27:31 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-uaD3l/Uw0dYVxvcDXMarC858xWg2KV' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: 1ed57fdc8074005478248990781e2cf4
vary: Accept-Encoding
date: Mon, 06 Feb 2023 15:27:31 GMT
server: Google Frontend
content-length: 8937
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:27:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2678
Expires: Mon, 06 Feb 2023 16:12:09 GMT
Date: Mon, 06 Feb 2023 15:27:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2678
Expires: Mon, 06 Feb 2023 16:12:09 GMT
Date: Mon, 06 Feb 2023 15:27:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2678
Expires: Mon, 06 Feb 2023 16:12:09 GMT
Date: Mon, 06 Feb 2023 15:27:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2678
Expires: Mon, 06 Feb 2023 16:12:09 GMT
Date: Mon, 06 Feb 2023 15:27:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WVfpilnwhnRXBhJkHBWjxxoP09f7SqlRk8CdWRWOubIIwe0CX89bUA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:13:39 GMT
age: 62032
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 000cb25b2cb4fa30ce745582dafbab99
a5227f79e64bcab8d8f03822e6d408400a03a23e
7f6a2a99bff95672d34b41489d0dd1132ab8654b745e728e15ed95e987b7ed62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10582
x-amzn-requestid: e18bacd8-6d0e-4957-93ab-97def7442f8c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4okSFKKIAMFlUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0214e-05486d9b283cedc008cba781;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: p1ToWLG__PFWEMRxlPZcouvOTijPoUcMr7ubDCNcy2wMwgusbBjGPA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:04:24 GMT
age: 62587
etag: "a5227f79e64bcab8d8f03822e6d408400a03a23e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 63442
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FRZf4nkQyttwihy5BBbuHzT9lYQvBPqcOTdT5esu46vqMTvXAi5aQw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 18:39:44 GMT
age: 74867
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0f48a44e1aece8d271028a7b0684cac
9f7247a3bb9248cd281c568ebba6e52b38b00149
0a34b5dc66f170403e79b2315a7cacef1703ce3777a20914525f86d46c0cd637
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11481
x-amzn-requestid: b50de2d1-c23b-4908-8fc3-e84eea0382a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRFL-oAMFnSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-0254cda141886e0f39e8f8b3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KIJ6iTpVC0gVV6Q0dd_-ZTWkwm3q0vP52N3088Rd7O9pb8D39XfnBg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 63448
etag: "9f7247a3bb9248cd281c568ebba6e52b38b00149"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 63448
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.9.2
192.124.249.130 200 OK 2.0 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.9.2
IP 192.124.249.130:0
File type ASCII text, with very long lines (10435), with no line terminators
Hash 38b1f483d4bf6b1548990385c8673746
1668edb02c5170be308368292a4c12033d0a42f4
98138d83d7cb12e99802ba034b400a67e0d7b6e378d8bcd1b4d9f4fe44ce1111
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.9.2 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 1962
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:45:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1
192.124.249.130 200 OK 995 B URL HTTP/2 approvalguy.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1
IP 192.124.249.130:0
Hash a81b8fb4af6a0bfef4d8fb610b7e3fd2
54ac8812d0ee99a38e33f734f34179a77e95e547
6a391fc773bce731189bf93ecf097629718030c411493a92842b12939bee8479
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 995
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:44:45 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/mega-addons-for-visual-composer/css/ihover.css?ver=6.0.3
192.124.249.130 200 OK 10 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/mega-addons-for-visual-composer/css/ihover.css?ver=6.0.3
IP 192.124.249.130:0
File type ASCII text, with CRLF, CR line terminators
Hash 06a930f361542b47dad8853305b8f304
2f52d0aa8bae5ec9f8267f9d817f27296c4ddbd9
e4c87cbcb6519d1a83f5e7340f19dc09f1779f6aaea733aea5856698e14059d9
GET /wp-content/plugins/mega-addons-for-visual-composer/css/ihover.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 9992
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 16 Jan 2021 17:11:29 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_motors_review/assets/css/review-font-style.css?ver=6.0.3
192.124.249.130 200 OK 703 B URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_motors_review/assets/css/review-font-style.css?ver=6.0.3
IP 192.124.249.130:0
Hash 78a8a37efff577895faad3c5fb8ce3cf
84de44d4e332890f3268445ff1fc1cc3ac238051
5007ba79f533b1eda493927ced5ca6405128482137c8b4cf9ffe53564b37e207
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_motors_review/assets/css/review-font-style.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 703
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 07 Aug 2021 15:34:04 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/css/frontend/lightgallery.min.css?ver=6.0.3
192.124.249.130 200 OK 3.8 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/css/frontend/lightgallery.min.css?ver=6.0.3
IP 192.124.249.130:0
File type ASCII text, with very long lines (20660), with no line terminators
Hash b8f5fb406b5dde0528079b1f2957f623
cd9e95a4c9121e714058ccd4b4bb20abfabc9080
d906fb4ec194f825b3a60ba2367400588fee92446204b49fdab907258b0e68c1
GET /wp-content/plugins/stm_vehicles_listing/assets/css/frontend/lightgallery.min.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 3790
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/css/frontend/owl.carousel.css?ver=6.0.3
192.124.249.130 200 OK 899 B URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/css/frontend/owl.carousel.css?ver=6.0.3
IP 192.124.249.130:0
File type ASCII text, with very long lines (3630), with no line terminators
Hash 0fd6cde7646e79e085a7bcd4e54454e1
6af9258308691fc18f233b3a716bab3d0ef49426
4ba6f1bcf100600b7f2e008c46cc8597916f14c8db378fa507f2daaa3560740d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_vehicles_listing/assets/css/frontend/owl.carousel.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 899
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-rental.css?ver=1675697250
192.124.249.130 200 OK 513 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-rental.css?ver=1675697250
IP 192.124.249.130:0
Hash fd416c252f2442554e228bfc093a1f0e
fc7dfd1094efde486d1c5b7e69efc7c0adbf10be
6f15ff6d2040a901ff2d1704dec2922c31d2dcef4bcbd86de577b0fcf675ab61
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/iconset-rental.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 513
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/css/frontend/grid.css?ver=6.0.3
192.124.249.130 200 OK 1.4 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/css/frontend/grid.css?ver=6.0.3
IP 192.124.249.130:0
File type ASCII text, with very long lines (540)
Hash 010ba361ace5fbb7d07bd66b3a48cf2a
c60c40f4e72c63363b68ba02a2a19b682041a10f
f3edb316d73bcd98551b4d90fb059d3ebf5307852a046a507915fb0d8a7a60b8
GET /wp-content/plugins/stm_vehicles_listing/assets/css/frontend/grid.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 1444
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-magazine.css?ver=1675697250
192.124.249.130 200 OK 414 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-magazine.css?ver=1675697250
IP 192.124.249.130:0
Hash 8b28e3502a0a05ea8a0255fc1ffa26ee
bc79329c99a4604e2d5b54085d857fdd48067c4c
bf82a3cdc3ddc88f9df2e724b1c82c30030810a4c13bd00f4df224a8911954c6
GET /wp-content/themes/motors/assets/css/iconset-magazine.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 414
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-service.css?ver=1675697250
192.124.249.130 200 OK 977 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-service.css?ver=1675697250
IP 192.124.249.130:0
Hash 641140f1223ff5df29ee18f8c8f70aba
ee0c640727fd652e863fd635d520b173e8b40d13
b5bc1943b25ef3c81c37dfb34d070364f53739ca18660bb96809c5a3225541aa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/iconset-service.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 977
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:23 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-default.css?ver=1675697250
192.124.249.130 200 OK 1.4 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-default.css?ver=1675697250
IP 192.124.249.130:0
Hash abbd55bd43a2efcf75b22a38b070a5fe
b76893b2335da971e3475e78a87b07aa4bca542a
774abd8e901d406279e9cc26ba019b500eb9abaf8792db33cc5393cdec86eb83
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/iconset-default.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 1396
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-boats.css?ver=1675697250
192.124.249.130 200 OK 999 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-boats.css?ver=1675697250
IP 192.124.249.130:0
Hash 1181af493470f970b5490f947ed50a47
74fc156dcf06e315e1864435e0cbc4a08a3caa6f
18aef60c4a5ef8a52700257478b9795e0981eaf5823218d612efb7d55ae4e4c3
GET /wp-content/themes/motors/assets/css/iconset-boats.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 999
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:23 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-auto-parts.css?ver=1675697250
192.124.249.130 200 OK 541 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-auto-parts.css?ver=1675697250
IP 192.124.249.130:0
Hash b285dfdb3b762a01013eb750262d20ba
a0f647cd594ed1fdacd95d69aa19d0447ef3e358
5bab82c50fb894acc67baa4b80011ba8f7055bd2b02a1aa883efca69e315b662
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/iconset-auto-parts.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 541
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-aircrafts.css?ver=1675697250
192.124.249.130 200 OK 500 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-aircrafts.css?ver=1675697250
IP 192.124.249.130:0
Hash e3aa2e50e7548a11d09b751859c1becb
576d4d743e87890fcb1d27c9b612095dc38f157f
08390ab2377861fbbeae93767265f829763ce9cbe12a73f93e79ce3eb2ce6c2c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/iconset-aircrafts.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 500
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/select2.min.css?ver=1675697250
192.124.249.130 200 OK 2.0 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/select2.min.css?ver=1675697250
IP 192.124.249.130:0
File type ASCII text, with very long lines (14965)
Hash 8e684dd388239a6bcac3bc41e52c4e17
2691065d51586e3fdcfce1ea8e51787a05061989
f5e41c52b1303b9ad13beb859f02abc7397d27e3b6504c5bd82a2b68dfa6ece4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/select2.min.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 1998
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/wordpress-social-login/assets/css/style.css?ver=6.0.3
192.124.249.130 200 OK 182 B URL HTTP/2 approvalguy.ca/wp-content/plugins/wordpress-social-login/assets/css/style.css?ver=6.0.3
IP 192.124.249.130:0
File type ASCII text, with no line terminators
Hash 08120e33c4f50cbbf9fee683ef49f0d0
304358f57b904b63bc738dc479d9453d1f52d685
95325cc57971a2252f6bbdb2be79a1665173419bee9935248451dc7b54dc525f
GET /wp-content/plugins/wordpress-social-login/assets/css/style.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 182
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 12 Dec 2020 17:20:11 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_motors_review/assets/js/motors-review.js
192.124.249.130 200 OK 536 B URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_motors_review/assets/js/motors-review.js
IP 192.124.249.130:0
Hash a77874f0e35d65ff476debf334f1fbb0
4b50be907b7739402655f95a218b1905db6d4fa4
03a86e38864bb45e921842e4a94d971c775c842e1688a8df765460981b7f96b1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_motors_review/assets/js/motors-review.js HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 536
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 07 Aug 2021 15:34:04 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.2.0
192.124.249.130 200 OK 3.5 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.2.0
IP 192.124.249.130:0
File type ASCII text, with very long lines (9111)
Hash f6004c12128ba678a6ab8fafb9cb1d61
a023d537a3273176524815baca3f2c42cc601a3c
e516f66f227db9eb26f5bec7605f4647680979c10c9bb61ac1654ccbf7e348af
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.2.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 3496
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:45:16 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-motorcycles.css?ver=1675697250
192.124.249.130 200 OK 486 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-motorcycles.css?ver=1675697250
IP 192.124.249.130:0
Hash 976c1863a0f68e9ed5143399383d6fe3
3a345b6a7b712a48eaad28cbbc0458edbeec403b
b10b1e28f9750a578176e01421a51a1f75446604359bb74eb9df31e1983b7aae
GET /wp-content/themes/motors/assets/css/iconset-motorcycles.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 486
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/mega-addons-for-visual-composer/css/style.css?ver=6.0.3
192.124.249.130 200 OK 202 B URL HTTP/2 approvalguy.ca/wp-content/plugins/mega-addons-for-visual-composer/css/style.css?ver=6.0.3
IP 192.124.249.130:0
File type ASCII text, with CRLF line terminators
Hash 404373223b8ff3a9bea8aa85d3e41c41
01dfd73050ec6bcffc9c9983e414d98dfdc10cdc
5058c4ec66acaa0503903bd9802bdc9bedd84a9d31da156da505380f404e991e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mega-addons-for-visual-composer/css/style.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 202
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 16 Jan 2021 17:11:29 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/dist/headers/header-car_dealer.css?ver=1675697250
192.124.249.130 200 OK 11 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/dist/headers/header-car_dealer.css?ver=1675697250
IP 192.124.249.130:0
Hash f89297e1491291c1539183ea3911f425
4b607f688dab0ad70bdfc9066cfc39bd41d81c98
337701d8f45e75c282c9cabd43a9e667701ae59e859aaa959a368501d5e141f5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/dist/headers/header-car_dealer.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 11400
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:22 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/jquery-ui.css?ver=1675697250
192.124.249.130 200 OK 1.8 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/jquery-ui.css?ver=1675697250
IP 192.124.249.130:0
File type ASCII text, with very long lines (1165)
Hash 9c409d2d0082c4c92f139b79b9b56496
71af88ff8fb89bbde6780e3654e9ac5efcf6cd72
3abed05aa50906e4ba6d49983bd2c324bd57c9a0a4e74b52f95ceb965d27f27f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/jquery-ui.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 1833
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.2.0
192.124.249.130 200 OK 1.1 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.2.0
IP 192.124.249.130:0
File type HTML document, ASCII text, with very long lines (3029), with no line terminators
Hash 3fffd1b8f00bf4175aaf1831974a4e4c
7f16ab9253c92a528f1f8cb20bee07128ce67048
3eeb166e786db324c70ef63628846f825951748a76d0de97c719189a0ab555c3
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.2.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 1088
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:45:16 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/jquery.cookie.js?ver=1675697250
192.124.249.130 200 OK 1.4 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/jquery.cookie.js?ver=1675697250
IP 192.124.249.130:0
Hash 54a9ec3dee95fd1f6e2f6e7336e94a37
8a54ab06be97e71aefefa71eec1e9955697f595f
5d5dbf633220d53cbd1cdea10b7cef58ef619c0296390fa05473e2e0e3883b79
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/jquery.cookie.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 1404
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
192.124.249.130 200 OK 126 B URL HTTP/2 approvalguy.ca/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
IP 192.124.249.130:0
File type ASCII text, with no line terminators
Hash ac7ecbcdc01fb980628e0ca076fd2c39
2df6d7adf64efc42e8f46243d5620c62879b59be
9f2cb415bb1b9656398091a9b2657b2dfe043c03a6526a9a12c6af51062e54c6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 126
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Sep 2022 12:08:41 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_motors_review/assets/css/style.css?ver=1.1
192.124.249.130 200 OK 5.0 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_motors_review/assets/css/style.css?ver=1.1
IP 192.124.249.130:0
Hash 07be79a6d9e25ea679ca37fc48fe9c3c
798de5937b64dd57a17b41cd36a5d2647306ac22
c1c2572d41f05e30166748b37edb2df5f721ab001a8bfc319bf92eefe7bbc60f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_motors_review/assets/css/style.css?ver=1.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 4959
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 07 Aug 2021 15:34:04 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/vivus.min.js?ver=1675697250
192.124.249.130 200 OK 4.0 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/vivus.min.js?ver=1675697250
IP 192.124.249.130:0
File type ASCII text, with very long lines (11790)
Hash e32b509ac7d4098a5b9b8e331806fae6
8eb95384473b97e58ed5a08e0488635cea14de2e
92b151372b22bb095ea3e33d5d127d585b5db4f511fd0253977b97fab111b66b
GET /wp-content/themes/motors/assets/js/vivus.min.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 3975
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.124.249.130 200 OK 4.2 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.124.249.130:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 4169
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1
192.124.249.130 200 OK 3.0 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (10565), with no line terminators
Hash 20d191fbcefaf143ff6d9f0234b3afd4
85c302c0f4d2393bd1c3fb724a03741a14860b3a
0398c654fccf925b52ce33037cf350414bc27efc9da7db916ee7dbe646541f7a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 3040
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:44:45 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/subscriptio/_old_version/assets/js/frontend.js?ver=2.3.10
192.124.249.130 200 OK 268 B URL HTTP/2 approvalguy.ca/wp-content/plugins/subscriptio/_old_version/assets/js/frontend.js?ver=2.3.10
IP 192.124.249.130:0
Hash 8185f6c08afd1c994bf4d20b11ed9c8a
3614e12de4e171536dd352fb5b20cc68cba45f96
c5e9c6a7b41c22f9d7bc99572332e822ccc65700f57369d85fe6b042b5cf541c
GET /wp-content/plugins/subscriptio/_old_version/assets/js/frontend.js?ver=2.3.10 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 268
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:43:52 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
192.124.249.130 200 OK 989 B URL HTTP/2 approvalguy.ca/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (2472)
Hash 1a973b2fcb6382cf2f096dc05ac8c879
1b1c2d34623e75e9218132fc3b414543e56af2c3
977f29856fc84e0712763206e1d27ea8aeb94c1d23b2b6de45e293d2284f2360
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 989
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
192.124.249.130 200 OK 331 B URL HTTP/2 approvalguy.ca/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
IP 192.124.249.130:0
File type ASCII text, with very long lines (463)
Hash ba2b50662c393ff6ba69961f66b24d5d
d5694f33b1072b13fc4c3989e90252c0b28030a2
79ad638f020827a6db341526b430e65459aa712bfbdcabf28bb013c6b2c715e9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 331
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1
192.124.249.130 200 OK 2.9 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (8339)
Hash faa75df3694005642abb99586ea44af3
770d357270837858c3f4315a1dc92bc335b7d45a
d034a68565c3434a9b20e625631c3fa69c4a4482ef0180809503a7c9aa337fba
GET /wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 2894
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1
192.124.249.130 200 OK 3.0 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (9937)
Hash e13e2a5aae864d21ed354d27340879a8
27b4256b04bb5b24275cd60fdbc2e4f7fe87983c
0ba96929c19d286796f484f9e77957485498adadc3fe1d5ea91d0de29d00ddd2
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 3024
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
192.124.249.130 200 OK 1.1 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (3233)
Hash cde0ded344e3544e6f19cf117371b265
acb5934c1a00ce841abbe050c815e7b06b702f57
bddcbef59b628af5afedda5a07006341a7af05b6df42e334f0579d8662fd0e7e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 1084
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
192.124.249.130 200 OK 6.0 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
IP 192.124.249.130:0
File type ASCII text, with very long lines (16109), with no line terminators
Hash 50f1b56214f7e26856cb386786ef488c
16e4411fc85326e3b97b2cae8ded89c68e978d46
b8ac9041ececad43c28db3f7875fcf3e76d5e01d1d062f33036e561782bc6ce9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 5962
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/jquery.ui.touch-punch.js?ver=0.2.2
192.124.249.130 200 OK 585 B URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/jquery.ui.touch-punch.js?ver=0.2.2
IP 192.124.249.130:0
File type ASCII text, with very long lines (985)
Hash 2a4a6faccfa5b512e63468b64b0c9969
f4a9aa5290d1598b2ffb4715ba1038619fcd7b2e
1450980233347d0b873c36db1d616f8f7fc22172780a78530b368612ce3b9a63
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.ui.touch-punch.js?ver=0.2.2 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 585
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 11 Apr 2012 02:58:23 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
192.124.249.130 200 OK 3.9 kB URL HTTP/2 approvalguy.ca/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 192.124.249.130:0
Hash ca0cf10a1d933e4262c732da8f9008c1
d6fdc041e650cf096841671884db8854490dba72
fbd145cb64d3185e42b8a3f6fff22b3e4cc3550934b63a4f874c21c44f920702
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 3865
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/jquery.cookie.js
192.124.249.130 200 OK 1.4 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/jquery.cookie.js
IP 192.124.249.130:0
Hash eb06925823b5bd059914eda6ef1486b5
c8898f725a2e84d64582163a29913dc18f58fd07
35d121eece75269f92c3cbe7a0458b1719d213b7f29323a67ba991cd177f8293
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/jquery.cookie.js HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 1395
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/filter.js
192.124.249.130 200 OK 1.9 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/filter.js
IP 192.124.249.130:0
Hash e731013f90ddc84dd98b767c60bcc511
6859aa11261b92efa25d6606f657dde9e1774d38
02f47db28552f915f36b16eb58df6a14d8dbc4629686724cb9cb039a52ac282a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/filter.js HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 1894
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.2.0
192.124.249.130 200 OK 982 B URL HTTP/2 approvalguy.ca/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.2.0
IP 192.124.249.130:0
File type ASCII text, with very long lines (1668)
Hash e66463f2023b738680c9bdefece69a37
315dc8e6ebdfb18c662851244ee33e2758ad3c83
fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.2.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 982
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:45:16 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
192.124.249.130 200 OK 2.5 kB URL HTTP/2 approvalguy.ca/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 192.124.249.130:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 2457
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.2.0
192.124.249.130 200 OK 1.0 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.2.0
IP 192.124.249.130:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 45db3d2887c26700a51bf469e3bb3aa1
d070b5fb53d2fbb66964bbfd482270b855d0ee96
1abc0cff49f82d9a063c04cd086b991af6ad00467efc4cb8d8d4e3c9a0f95777
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.2.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 1039
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:45:16 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.2.0
192.124.249.130 200 OK 794 B URL HTTP/2 approvalguy.ca/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.2.0
IP 192.124.249.130:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash 29307e8dec33cf3411ca4e1f2c84e9d0
484402289464d7ffb1475827f3438329d520bfc6
a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.2.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 794
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:45:16 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
192.124.249.130 200 OK 1.7 kB URL HTTP/2 approvalguy.ca/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 192.124.249.130:0
File type ASCII text, with very long lines (4875)
Hash 320b86bb1a9ce650a5e3553b2bb1c430
c56e8668b398641ed5cdcfbd8a8eba7d631cdb9c
c9ebbb8d122c6be3880d18172abfe308bb07db900689484fa765a73b8b20b3ec
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 1661
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/subscriptio/_old_version/assets/css/frontend.css?ver=2.3.10
192.124.249.130 200 OK 287 B URL HTTP/2 approvalguy.ca/wp-content/plugins/subscriptio/_old_version/assets/css/frontend.css?ver=2.3.10
IP 192.124.249.130:0
Hash d1dfa24cc3d6999e0f8e84cd48151a4b
f1dfc7487f7517c6b0f2ba922e92b50209bcf9ea
1c7d88f45f3832999f4649032d52e76bd067ad48809d48e7fab8c66ebd1c9794
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/subscriptio/_old_version/assets/css/frontend.css?ver=2.3.10 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 287
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:43:52 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/droppable.min.js?ver=1.13.1
192.124.249.130 200 OK 2.0 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/droppable.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (6469)
Hash 6e6cd7f6a5febe7248a2b6709fcc7531
d70c4370c84b2d96d08df4ca845d0c0eb90f49ed
40b9928688dc6dc3569a26fef5ce11baf229840c482c13424661bea33dff0071
GET /wp-includes/js/jquery/ui/droppable.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 2036
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
192.124.249.130 200 OK 6.5 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (15439)
Hash 0748a982f068af9766c253cb21601ff2
9994f710f5450ee963f9714f715c6c9dbd64d417
2caf6897d004cd4727e5ab8b9992bb08d96b6ac38917142d1c2a49f74e1e4114
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 6502
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
192.124.249.130 200 OK 3.1 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (10572)
Hash 441a9f4f0e65b720c99ccd7835d5a6f7
9d1e18dffdd3d8cfe4aaef782e02b4b35899cd25
2b161c785b5b6a40802db7808810b8805f163f471d44f275f053b09636c3f851
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 3125
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
192.124.249.130 200 OK 487 B URL HTTP/2 approvalguy.ca/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
IP 192.124.249.130:0
File type ASCII text, with very long lines (1519), with no line terminators
Hash f49750e93d3f1fe51cd1cc2350e20af6
240ae051bb9b55a3937871753d40da640ca03137
9d693c8ed1d35aa67923da6ce3125c6e754ffcceeb2c99c44e84f1c3240ab086
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 487
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Sep 2022 12:08:41 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm-megamenu/assets/js/megamenu.js?ver=2.3.2
192.124.249.130 200 OK 971 B URL HTTP/2 approvalguy.ca/wp-content/plugins/stm-megamenu/assets/js/megamenu.js?ver=2.3.2
IP 192.124.249.130:0
Hash f5162c1828f1eb68ad87a6d90af4ad3c
ea6358de48d61f4bd5d3751fa87d0b26aa885a6c
dad9b06e945d9a22349bd0a0492dc702831f641c0f944b29f7801ac34c025e65
GET /wp-content/plugins/stm-megamenu/assets/js/megamenu.js?ver=2.3.2 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 971
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:47:25 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-listing-two.css?ver=1675697250
192.124.249.130 200 OK 424 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-listing-two.css?ver=1675697250
IP 192.124.249.130:0
Hash b7f8e680f2a30c7b2542380262bdcbfd
1a1bca54ca90d18688f0fd673e6c6e9b966fcd88
d652b4beed729de793d9d766a92c400950e1c024598db80343b363041c737209
GET /wp-content/themes/motors/assets/css/iconset-listing-two.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 424
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/bootstrap.min.js?ver=1675697250
192.124.249.130 200 OK 9.4 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/bootstrap.min.js?ver=1675697250
IP 192.124.249.130:0
File type ASCII text, with very long lines (32087)
Hash 339a178e25bf3531bc10b87e1f310883
36df96c7fa50d2b5f26f1557bb9ee7f4be234c09
f9e67c4d47f30892e127d0414ac9320f38899f079c6437f5903e14ac7f2e813e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/bootstrap.min.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 9441
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/jquery.stmdatetimepicker.css?ver=1675697250
192.124.249.130 200 OK 4.6 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/jquery.stmdatetimepicker.css?ver=1675697250
IP 192.124.249.130:0
File type ASCII text, with very long lines (1961)
Hash 2dbe5d4f94fdcf3df53ec6071a433b32
b71af6bb415f16b2624d97e8914137399c8ec596
0850bfcae403b88d409a60d16d73c6e1f7ef1c8274c5b090ab290b2aa7923546
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/jquery.stmdatetimepicker.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 4618
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/style.css?ver=1675697250
192.124.249.130 200 OK 396 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/style.css?ver=1675697250
IP 192.124.249.130:0
Hash 16674f825a211cb0ed5aafb087420586
0bd0afaddfea9fcd08e82cd033ce49756567c3e3
6db751e944aac378c776738b3edc0e3d135032096b6308fb826db1a0761b8e00
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/style.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 396
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:20 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/animation.css?ver=1675697250
192.124.249.130 200 OK 6.7 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/animation.css?ver=1675697250
IP 192.124.249.130:0
Hash c539b9aac3a65cca3f449ef37e548ccb
b87a9e1f75f50a6d22ee1d783d3689d674204f0b
7e9d9f8aacc325dc3d2abfa0252b9049cd3399c7f81cbf32f776c4644d0ec698
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/animation.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 6679
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/inc/value_my_car/assets/css/vmc-style.css?ver=1.0
192.124.249.130 200 OK 43 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/inc/value_my_car/assets/css/vmc-style.css?ver=1.0
IP 192.124.249.130:0
Hash e10ad2b8339ee2d080290a66fd5c00d3
41511961d88c642822882eb721cc81bec9fdbb5a
103bed04256dea5a482200aabd93baad4539ba3dc4d766945b7fbb35046bec1b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/inc/value_my_car/assets/css/vmc-style.css?ver=1.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 43
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:16 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/uploads/stm_uploads/wpcfto-generate.css?ver=327
192.124.249.130 200 OK 2.6 kB URL HTTP/2 approvalguy.ca/wp-content/uploads/stm_uploads/wpcfto-generate.css?ver=327
IP 192.124.249.130:0
File type ASCII text, with very long lines (20774), with no line terminators
Hash 2d41e37ee9a54fc5c1899cfb18e91d74
e80d11ee98ee00d6ff80bca90e1ac69da74536e2
18c11c85d9b6737a84c851cd3ecbde8d574fc26a87480a15f2ab55eafad6617e
GET /wp-content/uploads/stm_uploads/wpcfto-generate.css?ver=327 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 2637
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 23 Sep 2022 14:51:48 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/classie.js?ver=1675697250
192.124.249.130 200 OK 741 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/classie.js?ver=1675697250
IP 192.124.249.130:0
Hash f0112a883818f94b8dc89e351adf8c36
2bd281f37b61a8f6df97c2b575cdef39f77a058e
65440f8274adef2f3945bb5ce75f16a693d0042af7f46170302175fce06eecc6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/classie.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 741
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.8.0
192.124.249.130 200 OK 374 B URL HTTP/2 approvalguy.ca/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.8.0
IP 192.124.249.130:0
Hash 99f478aea66ce928c3dda9ab3a0dbbb3
29bb3e5ccb81defba6cf1749768f4c57533e261a
44b0fdb4d849dfa85411e2e814e8352a89f04fad8e65924f477368dad133955e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.8.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 374
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 07 Jan 2022 18:30:29 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/imagesloaded.min.js?ver=4.1.4
192.124.249.130 200 OK 1.8 kB URL HTTP/2 approvalguy.ca/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 192.124.249.130:0
File type ASCII text, with very long lines (5477)
Hash 951ae46ca55ec7b0e401e2074bdf8b54
64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 1834
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/init.js
192.124.249.130 200 OK 2.0 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/init.js
IP 192.124.249.130:0
File type ASCII text, with CRLF line terminators
Hash ac3a3f718297d2ee72c0cdf19db1de08
75b0bfbb100b047dc0a833fa3ce6bf4944063677
34638c7ce910e1fb3e5853cf9a8dfb03cea2df2286ef406c6ce0e93f0228b59f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/init.js HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 2043
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/isotope.pkgd.min.js?ver=1675697250
192.124.249.130 200 OK 10 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/isotope.pkgd.min.js?ver=1675697250
IP 192.124.249.130:0
File type ASCII text, with very long lines (32011)
Hash 1739635d6f16853b1bb99060f1005897
328e5607c0b2b2d103b464d54e4b4fa13dcbb3af
cb15dbdb6a4c399a80bf87d3c0e57cc9fe088f9ded91fbc9f249d570fe4f849d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/isotope.pkgd.min.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 10123
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:25 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/jquery.uniform.min.js?ver=1675697250
192.124.249.130 200 OK 3.1 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/jquery.uniform.min.js?ver=1675697250
IP 192.124.249.130:0
File type ASCII text, with very long lines (8553), with no line terminators
Hash fc848f7a1c24d6c7ab09aa9657122a09
52105a2a368d0f23f90af2482929dc4fc7830389
cc2fc948b7b16664d5174e1115c2bf03a6b1039ad8bce85d1c18947f2fa889f8
GET /wp-content/themes/motors/assets/js/jquery.uniform.min.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 3128
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/lg-video.js?ver=1675697250
192.124.249.130 200 OK 2.8 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/lg-video.js?ver=1675697250
IP 192.124.249.130:0
Hash 74c7ca4c4070270c9639c6c7214b1aa5
212741b3a7fbdc5c71617b31ebc2e18a5f1ad5e8
94c0173638d655e8e3742b93fb2f6fb0063e0278ffd40514245b9ce246f4b965
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/lg-video.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 2832
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/app-user-sidebar.js?ver=1675697250
192.124.249.130 200 OK 332 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/app-user-sidebar.js?ver=1675697250
IP 192.124.249.130:0
Hash 745fff3eacbe6a6e02c963e537946a78
8b32ec0f6ac8a9ce55860e9332b3aca74011a5d0
da7f75b7312f8d94acd4d7de6621d65a4733b56971128f17bc7154de428bc002
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/app-user-sidebar.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 332
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:23 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/jquery.countdown.min.js?ver=1675697250
192.124.249.130 200 OK 2.4 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/jquery.countdown.min.js?ver=1675697250
IP 192.124.249.130:0
File type ASCII text, with very long lines (4136)
Hash a68628065a86702a4e1e6fbd80080451
837a875a970610f3922a59081a3cbabee19ace3f
e26df89d152868d65d41bda19ab42634965ec4b9d60b38c9246423223446ba15
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/jquery.countdown.min.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 2373
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/sell-a-car.js?ver=1675697250
192.124.249.130 200 OK 2.7 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/sell-a-car.js?ver=1675697250
IP 192.124.249.130:0
Hash 1d9af63747ea153f0bd354293b0a1272
e120dbba7e11cdba2e6bd0b11879d911bde8207e
47606172e87d6ee17413cc7b3e53a1ae552d3b925836a9c1a1462a507c3c7996
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/sell-a-car.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 2734
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:25 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/lazyload.js?ver=1675697250
192.124.249.130 200 OK 1.7 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/lazyload.js?ver=1675697250
IP 192.124.249.130:0
Hash caf9d2c0817ce51f4d2436614f5ab292
4318add215d0a2eb1e72da121104b69cf51a15ca
f5b7ef02c2730b0be2d1a1df632102308535251488996d42f1e84f34c78515a8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/lazyload.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 1651
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/stm-google-places.js?ver=1675697250
192.124.249.130 200 OK 1.2 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/stm-google-places.js?ver=1675697250
IP 192.124.249.130:0
File type Algol 68 source text\012- Pascal source, ASCII text
Hash ac9556caa6ba8636b0516daa5d51c2e5
146146eaec26b48bbf729ac35759a0e836d00f02
c7d34376dec7d1d5cbe4f32d6092408c97bd21302498b1dcb578722d7b26a13b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/stm-google-places.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 1233
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/jquery.cascadingdropdown.js?ver=1675697250
192.124.249.130 200 OK 3.4 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/jquery.cascadingdropdown.js?ver=1675697250
IP 192.124.249.130:0
Hash 2c029028a9acd96d910bf6d7717dade4
18b8902d2fb4021aff9bba512650c7cfbb305fc5
808bd8b51b812c80834298aa6ca9c80b404974bc984a61db750dee1675a3dc52
GET /wp-content/themes/motors/assets/js/jquery.cascadingdropdown.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 3400
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/inc/value_my_car/assets/js/vmc.js?ver=1.0
192.124.249.130 200 OK 1.3 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/inc/value_my_car/assets/js/vmc.js?ver=1.0
IP 192.124.249.130:0
Hash 16632e1b96456a8984af122def06a6cd
c9a39c351202055ffb20c9fcee314108826d9dd2
612f361b2e624b3bf3d8a9094b4d5055af5f916a1ad7181c2077e18d83f2169a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/inc/value_my_car/assets/js/vmc.js?ver=1.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 1285
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:16 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1
192.124.249.130 200 OK 4.1 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1
IP 192.124.249.130:0
File type HTML document, ASCII text, with very long lines (12652), with no line terminators
Hash 5a8a35c9ae8f9e0fc3dbf35fba73b13a
10d0f2fde01006234322517ef3b4d4b9b6d230bd
913435232b007746db89fde662ff6a8e4bb8c7eea164a785b321fccf39a3e1fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 4084
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:44:45 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
192.124.249.130 200 OK 7.1 kB URL HTTP/2 approvalguy.ca/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 7095
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
192.124.249.130 200 OK 6.9 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 7e2b78a6e8a9b90385330755ee1cf3e5
684c325f39d45e42ae44a9e42f5e9fe4fb0b909c
43f124dabb4bc663cc1cc8d3161c1e6365cf8445d873ed5d69bbfdb507cf24a9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 6914
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.9.2
192.124.249.130 200 OK 25 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.9.2
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash b898f25c74b4f9d13897cf6ca3d08e06
78b1b205aa0b5f1417632ebd2442b9a49e68416b
4c8a57e8ca0a36c98d5a5247e739ce782266cd71845a0283570e4c2090c3f6fb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.9.2 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 24607
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:45:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/css/all.css?ver=6.0.3
192.124.249.130 200 OK 13 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/css/all.css?ver=6.0.3
IP 192.124.249.130:0
Hash 9323511f7d8c7ab2721e5903dc555aba
aaf0b720a49ad371e3580dfb70d5ee4fe2ef4145
057679e0bc289f067b7532617fa77e26e8d1f6cd8d52afa52f4175bea5e1b610
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/css/all.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 12795
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 16 Jan 2021 17:11:29 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/bootstrap.min.css?ver=1675697250
192.124.249.130 200 OK 19 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/bootstrap.min.css?ver=1675697250
IP 192.124.249.130:0
File type ASCII text, with very long lines (65371)
Hash a69801e0e683a8efdc50685e08da6a5c
6f9e7217c522f9e426b01836de5ca4b489da9cc8
af869524400958bf10cefcd1a2790715f9f569117fabe6c69e24e5ca65e45321
GET /wp-content/themes/motors/assets/css/bootstrap.min.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 19250
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1675697250
192.124.249.130 200 OK 13 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1675697250
IP 192.124.249.130:0
File type ASCII text, with very long lines (59158)
Hash d7913fc87c4606f82b4ee77a8d47fc2f
62a54acf7535ae53425b44dadfe5fdabf3d8300a
bb05c88bb0b82e2f14f1efb94b4c3511292f74c3bb7cb0b104d300a42a49492f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 12869
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 15:01:11 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_motors_review/assets/js/frontend/jquery.cookie.js
192.124.249.130 200 OK 1.4 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_motors_review/assets/js/frontend/jquery.cookie.js
IP 192.124.249.130:0
Hash eb06925823b5bd059914eda6ef1486b5
c8898f725a2e84d64582163a29913dc18f58fd07
35d121eece75269f92c3cbe7a0458b1719d213b7f29323a67ba991cd177f8293
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_motors_review/assets/js/frontend/jquery.cookie.js HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 1395
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 07 Aug 2021 15:34:04 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1
192.124.249.130 200 OK 531 B URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (715)
Hash 1ea7bcbb40b617cbbf38b615434133e0
7433990d960000293aaf5a7fa53cd3dde93ee802
8a983f24fd8856665fd5bdfc272d3a7129e605ab1ee862fe8a138b69ca015033
GET /wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 531
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 28 Jan 2022 16:44:05 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1
192.124.249.130 200 OK 4.8 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (18145)
Hash 3bf143442038c53bb3e300f2bf969dcd
712cf4a73281faa972c160ad0241d9844fb25446
6bc47200329a4ad6fae0b812da0300dd72b0164a4f343afd75275c862f37ee19
GET /wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 4841
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/jquery.touch.punch.min.js?ver=1675697250
192.124.249.130 200 OK 597 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/jquery.touch.punch.min.js?ver=1675697250
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (1090)
Hash d092834263c7b00d7de63acd3faf80e3
5f7b89769c97ad01fc128176e2f37520e787f718
1894fcaba76bd3052337c4c30dd4211cffdd4e6c2f1fe0d1da7da98b4573d206
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/jquery.touch.punch.min.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 597
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/load-image.all.min.js?ver=1675697250
192.124.249.130 200 OK 9.1 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/load-image.all.min.js?ver=1675697250
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (26142), with no line terminators
Hash a5293042582de312108ef111c5e09ae5
620f553258ba3291215cf8d34ad3086636222724
c4ffad883c017fb330918c8131e26c4aac85237bd69479d5545fd13da4b8a0f2
GET /wp-content/themes/motors/assets/js/load-image.all.min.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 9082
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:25 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/filter.js?ver=1675697250
192.124.249.130 200 OK 3.1 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/filter.js?ver=1675697250
IP 192.124.249.130:0
Hash 3475f7a08b2f3a6f2f69b1b649b02c38
4c9876991d3dd5120182af2e522e3639608ef136
1200fbb60e9d970fcb57c17db2608149798b8c629f65ac633b7a43270eb29032
GET /wp-content/themes/motors/assets/js/filter.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 3105
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/owl.carousel.js
192.124.249.130 200 OK 20 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/owl.carousel.js
IP 192.124.249.130:0
File type ASCII text, with very long lines (360)
Hash b7b67d47b88c016cb848b772078ecd51
56bb2990a6015fc8bdd26575db8e016caf55415c
c6cde20ab00f0f429abbcd3329fe6d5be0d1a6e09bbbce7cd5e9acb3929ac6da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/owl.carousel.js HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 20037
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/lightgallery-all.js
192.124.249.130 200 OK 20 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/lightgallery-all.js
IP 192.124.249.130:0
Hash b69d0551417311f47c28113011d61706
c3884aac850c8bdbaedc143ea5881015592a77d6
a0350bbb780e1c571bf69667b6fc2d91fc3a1524a8afc38492f2b73bd971e733
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/lightgallery-all.js HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 20384
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/app.js?ver=1675697250
192.124.249.130 200 OK 12 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/app.js?ver=1675697250
IP 192.124.249.130:0
File type ASCII text, with very long lines (1677)
Hash 1d7153db02e42974a262d13479dfab4b
d3dca08e7aa295a45c8f21d7a2683af25a8abffe
79d42603ee482b91ed52e2cc65e51192d96cc48895eb95c4c0abe2ec37f3ca86
GET /wp-content/themes/motors/assets/js/app.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 12457
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/select2.full.min.js?ver=1675697250
192.124.249.130 200 OK 22 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/select2.full.min.js?ver=1675697250
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (64131)
Hash 27cccae187e6c6bacbdbb39f951c1e72
3a3498acdee5a98178cc7006b61358094b766e99
43040dab46e4466145635e3a4a9b53acbc709e781479d1971f8bd67a010e8fc2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/select2.full.min.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 22031
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
192.124.249.130 200 OK 31 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 192.124.249.130:0
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 30908
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/typeahead.jquery.min.js?ver=1675697250
192.124.249.130 200 OK 18 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/typeahead.jquery.min.js?ver=1675697250
IP 192.124.249.130:0
Hash 26ef23764a3480c7c310d920cf930659
58a889271cf5e411a3f255c2033c329ed6887ac6
b69236e0eba0c94584ca5a5ab607a63242732bc2728f372c1b27c45ee4d1ae4f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/typeahead.jquery.min.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 17904
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/app-ajax.js?ver=1675697250
192.124.249.130 200 OK 13 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/app-ajax.js?ver=1675697250
IP 192.124.249.130:0
File type ASCII text, with very long lines (306)
Hash 5c95be2671a03d4cf2460acf5cbced8d
47d909c5cb62107bbc60855d5285e4be64328093
94ec987c67c06c4d8259281f250cab2a10c39fc9f9bf3785b4197003d7edef27
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/app-ajax.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 12689
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:27:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:27:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:27:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://approvalguy.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 07:08:09 GMT
expires: Sat, 03 Feb 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 289164
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://approvalguy.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:52:41 GMT
expires: Tue, 30 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 592492
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 15:27:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
approvalguy.ca/wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/webfonts/fa-solid-900.woff2
192.124.249.130 200 OK 78 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/webfonts/fa-solid-900.woff2
IP 192.124.249.130:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://approvalguy.ca/wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1675697250
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:32 GMT
content-type: font/woff2
content-length: 78196
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 30 Mar 2022 15:01:11 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm-megamenu/assets/css/megamenu.css?ver=2.3.2
192.124.249.130 200 OK 26 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm-megamenu/assets/css/megamenu.css?ver=2.3.2
IP 192.124.249.130:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, stm-icon \012- data
Hash 875140f27c8d62a166e620b6120f379b
1f4dbd135cb8082c266d43f6cd934aa84f654c84
e9cfab737bbbf5814a8a60260c003a758fb80215a1efd5de82bbc5a8152cc316
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm-megamenu/assets/css/megamenu.css?ver=2.3.2 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 29414
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:47:25 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/?wc-ajax=get_refreshed_fragments
192.124.249.130 200 OK 197 B URL HTTP/2 approvalguy.ca/?wc-ajax=get_refreshed_fragments
IP 192.124.249.130:0
File type JSON data\012- , ASCII text, with very long lines (310), with no line terminators
Hash ccac1c1e2c443d3c846db0c30b2d7bae
d75c320073d9ca7e06bab03cc867146ba04bb463
396f8cc99061df0b2f689e4a0714ee350b4ba5136777177a394e40c376b01ef6
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://approvalguy.ca
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:33 GMT
content-type: application/json; charset=UTF-8
content-length: 197
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
x-pingback: https://approvalguy.ca/xmlrpc.php
access-control-allow-origin: https://approvalguy.ca
access-control-allow-credentials: true
x-content-type-options: nosniff, nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.42 200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.42:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://approvalguy.ca
Connection: keep-alive
Referer: https://approvalguy.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 06 Feb 2023 15:27:34 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://approvalguy.ca
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/uploads/stm_uploads/skin-custom.css?ver=374
192.124.249.130 200 OK 174 kB URL HTTP/2 approvalguy.ca/wp-content/uploads/stm_uploads/skin-custom.css?ver=374
IP 192.124.249.130:0
Size 174 kB (174467 bytes)
Hash 38486b3dac21973c11cb7aa94090ea39
b2f1fcb173530075e5750f60d48b1976b20e3fd1
17dbd23e11fb38903ee778d8c8f04e3ce8be51469411f13af15188ccaea6eccd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/stm_uploads/skin-custom.css?ver=374 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 23 Sep 2022 14:51:49 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/uploads/2019/04/cropped-1p-192x192.png
192.124.249.130 200 OK 21 kB URL HTTP/2 approvalguy.ca/wp-content/uploads/2019/04/cropped-1p-192x192.png
IP 192.124.249.130:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash f512f8f53a3ecbb518015f68229ced28
b41b5025ac1099fced7848bc6052fb00f6f971fd
f1a27184db1ee6e0e785b3faa3eaf148080aeb0bb3acfbbbc8380d122cdc53ac
GET /wp-content/uploads/2019/04/cropped-1p-192x192.png HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:33 GMT
content-type: image/png
content-length: 20652
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
last-modified: Thu, 19 Nov 2020 18:31:52 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
192.124.249.130 200 OK 0 B URL HTTP/2 approvalguy.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 192.124.249.130:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: text/css; charset=utf-8
content-length: 11681
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
static.addtoany.com/menu/page.js
172.67.39.148 200 OK 0 B URL HTTP/2 static.addtoany.com/menu/page.js
IP 172.67.39.148:0
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 15:27:30 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
age: 51087
etag: W/"c04-5f1f2ae2e431b"
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
vary: Accept-Encoding
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7954e90a6b401c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/stm_dt_picker.js?ver=1675697250
192.124.249.130 200 OK 0 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/stm_dt_picker.js?ver=1675697250
IP 192.124.249.130:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/stm_dt_picker.js?ver=1675697250 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=91273074
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 15:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 29569
x-sucuri-id: 19030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2