r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7416
Expires: Sat, 28 Jan 2023 17:35:30 GMT
Date: Sat, 28 Jan 2023 15:31:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7311
Expires: Sat, 28 Jan 2023 17:33:45 GMT
Date: Sat, 28 Jan 2023 15:31:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3333
Expires: Sat, 28 Jan 2023 16:27:27 GMT
Date: Sat, 28 Jan 2023 15:31:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 14:43:05 GMT
content-type: application/json
age: 2929
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IMOTiTjbuMuWQYmeIr9MxyPNXNbAULFw/Oe8xzENVfypz0zBrXQjKgpz1rYmGCJGSUtM5Btk7f4=
x-amz-request-id: 6ZZX0PR4GNHCNJSS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 14:49:56 GMT
age: 2518
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
192.124.249.130 301 Moved Permanently 511 B URL HTTP/1.1 approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
IP 192.124.249.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (353)
Hash e627ed25fd35915fe03d09760167f81c
da9a115dd8437ad3012f2fa1da2caddaa0bf911d
0be0a840bd5e8e852797022baafbfd690e291fb4fac5a66f96577f63aec9634a
GET /netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 15:31:54 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 511
Connection: keep-alive
X-Sucuri-ID: 15030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cache-Control: max-age=0
Expires: Sat, 28 Jan 2023 15:31:54 GMT
X-Sucuri-Cache: BYPASS
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:54 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash 42cb2fbfe8c15a092b242ddb9b333a79
4769fba9b93a4f1f508ae5fde2b6033036c52743
50256e21858ec86d2e646fcf9683d33ee3a3cbafdbec2d8a98b08c3094c93e0b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 15:31:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 15036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 28 Jan 2023 15:17:52 GMT
Expires: Sun, 29 Jan 2023 15:17:52 GMT
ETag: "4769fba9b93a4f1f508ae5fde2b6033036c52743"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 14:41:40 GMT
age: 3015
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5718
Expires: Sat, 28 Jan 2023 17:07:13 GMT
Date: Sat, 28 Jan 2023 15:31:55 GMT
Connection: keep-alive
push.services.mozilla.com/
35.163.1.35 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.1.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 93Id9xFpVlxc2Pl8WDCK+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sh2XKSkjtexbQeMsZM8wyOx099Y=
approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
192.124.249.130 404 Not Found 8.5 kB URL HTTP/2 approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
IP 192.124.249.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Hash 4161fa43185f9ec87d2b872c7eaf65cf
2fe971dbc5e465187310e2b5335566ec28ed0606
64c569eacf18bc8187456910bbac633c5662313d237f1d673802cf9b7d95114d
GET /netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
server: nginx
date: Sat, 28 Jan 2023 15:31:56 GMT
content-type: text/html; charset=UTF-8
content-length: 8502
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://approvalguy.ca/wp-json/>; rel="https://api.w.org/"
set-cookie: stm_visitor_1=96315656; expires=Mon, 27-Feb-2023 15:31:56 GMT; Max-Age=2592000; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:31:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ab04da9bc46246cc0001464e7f6b5e19
01ce4f7004aec7a24d4545a1e742ab6a1e639b48
22e519a39cb2e7e5f6da23d35f4498aa7a2d00e06613fd3bbf8de8a62ed2d354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:31:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:31:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
approvalguy.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
192.124.249.130 200 OK 12 kB URL HTTP/2 approvalguy.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 192.124.249.130:0
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:56 GMT
content-type: text/css; charset=utf-8
content-length: 11681
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:31:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?libraries=places&sensor=false&language=en&ver=1674919915
142.250.74.106 200 OK 55 kB URL HTTP/2 maps.googleapis.com/maps/api/js?libraries=places&sensor=false&language=en&ver=1674919915
IP 142.250.74.106:0
File type ASCII text, with very long lines (2563)
Hash 0908c5d4cc673a5554c3660bf4ab25d3
e8a95e0328ed37b465b80a4a99f4dd3d4d9b7982
83677f28d35fa873717082c96e44fffdd2be4e96b778aeb9b733f68c6f3e64d7
GET /maps/api/js?libraries=places&sensor=false&language=en&ver=1674919915 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Sat, 28 Jan 2023 15:31:56 GMT
expires: Sat, 28 Jan 2023 16:01:56 GMT
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55325
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
developers.google.com/maps/documentation/javascript/examples/markerclusterer/markerclusterer.js?ver=1674919915
216.58.207.206 200 OK 8.9 kB URL HTTP/2 developers.google.com/maps/documentation/javascript/examples/markerclusterer/markerclusterer.js?ver=1674919915
IP 216.58.207.206:0
File type HTML document, ASCII text
Hash 392171da80a650aeb0dd41831b68e029
5a21fa6eb47cd41c231e96ef7edc3ee66fc73f1f
0fc6e2dda00a05cf5b3b135c4c48d8c5efb413922e4dbcca038a05a53e83d4be
GET /maps/documentation/javascript/examples/markerclusterer/markerclusterer.js?ver=1674919915 HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 16 Jan 2017 03:43:59 GMT
set-cookie: _ga_devsite=GA1.3.3023649648.1674919916; Expires=Mon, 27 Jan 2025 15:31:56 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-2C5plMeDIGvQvLUp/Cypfs4RRimtxi' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: 8b6b3ec13c4c385c7b4ad7e805ab0116
vary: Accept-Encoding
date: Sat, 28 Jan 2023 15:31:56 GMT
server: Google Frontend
content-length: 8937
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.addtoany.com/menu/page.js
104.22.70.197 200 OK 1.9 kB URL HTTP/2 static.addtoany.com/menu/page.js
IP 104.22.70.197:0
File type ASCII text, with very long lines (3076), with no line terminators
Hash c5ec34b2889b92a5954b68e20b800561
c866b5d09cc338b240eb7c5c8f0c5943a67857bb
ae5476c544082cb7ec71ce2271752480292cf6187ab3232b119f66f67ab71f6e
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:31:56 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
etag: W/"c04-5f1f2ae2e431b"
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 147632
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 790ac7262ba99909-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2523
Expires: Sat, 28 Jan 2023 16:13:59 GMT
Date: Sat, 28 Jan 2023 15:31:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2523
Expires: Sat, 28 Jan 2023 16:13:59 GMT
Date: Sat, 28 Jan 2023 15:31:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2523
Expires: Sat, 28 Jan 2023 16:13:59 GMT
Date: Sat, 28 Jan 2023 15:31:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2523
Expires: Sat, 28 Jan 2023 16:13:59 GMT
Date: Sat, 28 Jan 2023 15:31:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2881cea3ae511d3dfd2f6b7cd598a4e
105d8d675aaafce5602e4015aee2d1659553d1b1
0993ef71c2af9e07ed09e0e2ba40a4d9fdd01444154c2f39f8fc48a4dfef1730
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10863
x-amzn-requestid: db873091-be76-4276-aa3e-f9bd44051508
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbAMbHCMoAMFsYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4471c-57f14d6a3ebcc8a1788bae80;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:50:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: S8H9sSYtUyye2ex8ulTLy6SEyqTt3xUmjRkTWL0oCEDZIDA21dnudw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:38:29 GMT
etag: "105d8d675aaafce5602e4015aee2d1659553d1b1"
content-type: image/jpeg
age: 60807
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 63310
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 195316042e7f798eeeb7993fecb3a383
4aeca24ad4702f87feaf9674ea0c1ff6d71826a3
b7e0a61060455241fce844d2c91eca500d409804361063ddb61053cbc9c7b1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13376
x-amzn-requestid: 64d0092e-1f1a-4183-a4a6-805e0bf37d32
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-DvHIyoAMF6fA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b1-6387770232ddca74531bce91;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8cRGlncOQ6qYv7qbI1HxTz-qUYJkTVa5V2qJM1C8XM5dmyXFA8qRvA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:48:58 GMT
age: 63778
etag: "4aeca24ad4702f87feaf9674ea0c1ff6d71826a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:14:23 GMT
age: 62253
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d9747a7-0b4d-40bd-8d53-7702f8df2966.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d9747a7-0b4d-40bd-8d53-7702f8df2966.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25fd26625a6c5339389faf4f6aa8fc6a
05aed76d3966ea8a02d4bbbeff7b41c8a5aac907
9a29ad65cb7a8632a2c454a4caeb43a10c5152ccf3dbab22d584276bdeeb0dbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d9747a7-0b4d-40bd-8d53-7702f8df2966.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5746
x-amzn-requestid: 8ab00078-cdf9-465a-a493-64a488c9e634
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwEIJIAMFutA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-3f9b5f031812e32f6625f1e6;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jUVP5rlieH6mUh_fgVz4D636AIMAo2JXJqBgzGSI_CyY2-8Pza4IKw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:48:58 GMT
age: 63778
etag: "05aed76d3966ea8a02d4bbbeff7b41c8a5aac907"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K9YWM9eaEc1DQ6wtEEuADnG1U-ahRBXDaiHIAm20dkWMOxPWBlJidw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:46:13 GMT
age: 60343
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.9.2
192.124.249.130 200 OK 2.0 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.9.2
IP 192.124.249.130:0
File type ASCII text, with very long lines (10435), with no line terminators
Hash 38b1f483d4bf6b1548990385c8673746
1668edb02c5170be308368292a4c12033d0a42f4
98138d83d7cb12e99802ba034b400a67e0d7b6e378d8bcd1b4d9f4fe44ce1111
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.9.2 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 1962
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:45:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/mega-addons-for-visual-composer/css/style.css?ver=6.0.3
192.124.249.130 200 OK 202 B URL HTTP/2 approvalguy.ca/wp-content/plugins/mega-addons-for-visual-composer/css/style.css?ver=6.0.3
IP 192.124.249.130:0
File type ASCII text, with CRLF line terminators
Hash 404373223b8ff3a9bea8aa85d3e41c41
01dfd73050ec6bcffc9c9983e414d98dfdc10cdc
5058c4ec66acaa0503903bd9802bdc9bedd84a9d31da156da505380f404e991e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mega-addons-for-visual-composer/css/style.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 202
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 16 Jan 2021 17:11:29 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1
192.124.249.130 200 OK 995 B URL HTTP/2 approvalguy.ca/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1
IP 192.124.249.130:0
Hash a81b8fb4af6a0bfef4d8fb610b7e3fd2
54ac8812d0ee99a38e33f734f34179a77e95e547
6a391fc773bce731189bf93ecf097629718030c411493a92842b12939bee8479
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 995
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:44:45 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_motors_review/assets/css/review-font-style.css?ver=6.0.3
192.124.249.130 200 OK 703 B URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_motors_review/assets/css/review-font-style.css?ver=6.0.3
IP 192.124.249.130:0
Hash 78a8a37efff577895faad3c5fb8ce3cf
84de44d4e332890f3268445ff1fc1cc3ac238051
5007ba79f533b1eda493927ced5ca6405128482137c8b4cf9ffe53564b37e207
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_motors_review/assets/css/review-font-style.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 703
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 07 Aug 2021 15:34:04 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/mega-addons-for-visual-composer/css/ihover.css?ver=6.0.3
192.124.249.130 200 OK 10 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/mega-addons-for-visual-composer/css/ihover.css?ver=6.0.3
IP 192.124.249.130:0
File type ASCII text, with CRLF, CR line terminators
Hash 06a930f361542b47dad8853305b8f304
2f52d0aa8bae5ec9f8267f9d817f27296c4ddbd9
e4c87cbcb6519d1a83f5e7340f19dc09f1779f6aaea733aea5856698e14059d9
GET /wp-content/plugins/mega-addons-for-visual-composer/css/ihover.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 9992
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 16 Jan 2021 17:11:29 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_motors_review/assets/css/style.css?ver=1.1
192.124.249.130 200 OK 5.0 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_motors_review/assets/css/style.css?ver=1.1
IP 192.124.249.130:0
Hash 07be79a6d9e25ea679ca37fc48fe9c3c
798de5937b64dd57a17b41cd36a5d2647306ac22
c1c2572d41f05e30166748b37edb2df5f721ab001a8bfc319bf92eefe7bbc60f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_motors_review/assets/css/style.css?ver=1.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 4959
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 07 Aug 2021 15:34:04 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/wordpress-social-login/assets/css/style.css?ver=6.0.3
192.124.249.130 200 OK 182 B URL HTTP/2 approvalguy.ca/wp-content/plugins/wordpress-social-login/assets/css/style.css?ver=6.0.3
IP 192.124.249.130:0
File type ASCII text, with no line terminators
Hash 08120e33c4f50cbbf9fee683ef49f0d0
304358f57b904b63bc738dc479d9453d1f52d685
95325cc57971a2252f6bbdb2be79a1665173419bee9935248451dc7b54dc525f
GET /wp-content/plugins/wordpress-social-login/assets/css/style.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 182
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 12 Dec 2020 17:20:11 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/css/frontend/lightgallery.min.css?ver=6.0.3
192.124.249.130 200 OK 3.8 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/css/frontend/lightgallery.min.css?ver=6.0.3
IP 192.124.249.130:0
File type ASCII text, with very long lines (20660), with no line terminators
Hash b8f5fb406b5dde0528079b1f2957f623
cd9e95a4c9121e714058ccd4b4bb20abfabc9080
d906fb4ec194f825b3a60ba2367400588fee92446204b49fdab907258b0e68c1
GET /wp-content/plugins/stm_vehicles_listing/assets/css/frontend/lightgallery.min.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 3790
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-default.css?ver=1674919915
192.124.249.130 200 OK 1.4 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-default.css?ver=1674919915
IP 192.124.249.130:0
Hash abbd55bd43a2efcf75b22a38b070a5fe
b76893b2335da971e3475e78a87b07aa4bca542a
774abd8e901d406279e9cc26ba019b500eb9abaf8792db33cc5393cdec86eb83
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/iconset-default.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 1396
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/css/frontend/grid.css?ver=6.0.3
192.124.249.130 200 OK 1.4 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/css/frontend/grid.css?ver=6.0.3
IP 192.124.249.130:0
File type ASCII text, with very long lines (540)
Hash 010ba361ace5fbb7d07bd66b3a48cf2a
c60c40f4e72c63363b68ba02a2a19b682041a10f
f3edb316d73bcd98551b4d90fb059d3ebf5307852a046a507915fb0d8a7a60b8
GET /wp-content/plugins/stm_vehicles_listing/assets/css/frontend/grid.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 1444
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-auto-parts.css?ver=1674919915
192.124.249.130 200 OK 541 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-auto-parts.css?ver=1674919915
IP 192.124.249.130:0
Hash b285dfdb3b762a01013eb750262d20ba
a0f647cd594ed1fdacd95d69aa19d0447ef3e358
5bab82c50fb894acc67baa4b80011ba8f7055bd2b02a1aa883efca69e315b662
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/iconset-auto-parts.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 541
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/css/frontend/owl.carousel.css?ver=6.0.3
192.124.249.130 200 OK 899 B URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/css/frontend/owl.carousel.css?ver=6.0.3
IP 192.124.249.130:0
File type ASCII text, with very long lines (3630), with no line terminators
Hash 0fd6cde7646e79e085a7bcd4e54454e1
6af9258308691fc18f233b3a716bab3d0ef49426
4ba6f1bcf100600b7f2e008c46cc8597916f14c8db378fa507f2daaa3560740d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_vehicles_listing/assets/css/frontend/owl.carousel.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 899
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-listing-two.css?ver=1674919915
192.124.249.130 200 OK 424 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-listing-two.css?ver=1674919915
IP 192.124.249.130:0
Hash b7f8e680f2a30c7b2542380262bdcbfd
1a1bca54ca90d18688f0fd673e6c6e9b966fcd88
d652b4beed729de793d9d766a92c400950e1c024598db80343b363041c737209
GET /wp-content/themes/motors/assets/css/iconset-listing-two.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 424
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-motorcycles.css?ver=1674919915
192.124.249.130 200 OK 486 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-motorcycles.css?ver=1674919915
IP 192.124.249.130:0
Hash 976c1863a0f68e9ed5143399383d6fe3
3a345b6a7b712a48eaad28cbbc0458edbeec403b
b10b1e28f9750a578176e01421a51a1f75446604359bb74eb9df31e1983b7aae
GET /wp-content/themes/motors/assets/css/iconset-motorcycles.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 486
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-service.css?ver=1674919915
192.124.249.130 200 OK 977 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-service.css?ver=1674919915
IP 192.124.249.130:0
Hash 641140f1223ff5df29ee18f8c8f70aba
ee0c640727fd652e863fd635d520b173e8b40d13
b5bc1943b25ef3c81c37dfb34d070364f53739ca18660bb96809c5a3225541aa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/iconset-service.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 977
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:23 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-aircrafts.css?ver=1674919915
192.124.249.130 200 OK 500 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-aircrafts.css?ver=1674919915
IP 192.124.249.130:0
Hash e3aa2e50e7548a11d09b751859c1becb
576d4d743e87890fcb1d27c9b612095dc38f157f
08390ab2377861fbbeae93767265f829763ce9cbe12a73f93e79ce3eb2ce6c2c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/iconset-aircrafts.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 500
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-boats.css?ver=1674919915
192.124.249.130 200 OK 999 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-boats.css?ver=1674919915
IP 192.124.249.130:0
Hash 1181af493470f970b5490f947ed50a47
74fc156dcf06e315e1864435e0cbc4a08a3caa6f
18aef60c4a5ef8a52700257478b9795e0981eaf5823218d612efb7d55ae4e4c3
GET /wp-content/themes/motors/assets/css/iconset-boats.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 999
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:23 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-rental.css?ver=1674919915
192.124.249.130 200 OK 513 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-rental.css?ver=1674919915
IP 192.124.249.130:0
Hash fd416c252f2442554e228bfc093a1f0e
fc7dfd1094efde486d1c5b7e69efc7c0adbf10be
6f15ff6d2040a901ff2d1704dec2922c31d2dcef4bcbd86de577b0fcf675ab61
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/iconset-rental.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 513
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/subscriptio/_old_version/assets/css/frontend.css?ver=2.3.10
192.124.249.130 200 OK 287 B URL HTTP/2 approvalguy.ca/wp-content/plugins/subscriptio/_old_version/assets/css/frontend.css?ver=2.3.10
IP 192.124.249.130:0
Hash d1dfa24cc3d6999e0f8e84cd48151a4b
f1dfc7487f7517c6b0f2ba922e92b50209bcf9ea
1c7d88f45f3832999f4649032d52e76bd067ad48809d48e7fab8c66ebd1c9794
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/subscriptio/_old_version/assets/css/frontend.css?ver=2.3.10 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 287
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:43:52 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/dist/headers/header-car_dealer.css?ver=1674919915
192.124.249.130 200 OK 11 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/dist/headers/header-car_dealer.css?ver=1674919915
IP 192.124.249.130:0
Hash f89297e1491291c1539183ea3911f425
4b607f688dab0ad70bdfc9066cfc39bd41d81c98
337701d8f45e75c282c9cabd43a9e667701ae59e859aaa959a368501d5e141f5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/dist/headers/header-car_dealer.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 11400
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:22 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/jquery-ui.css?ver=1674919915
192.124.249.130 200 OK 1.8 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/jquery-ui.css?ver=1674919915
IP 192.124.249.130:0
File type ASCII text, with very long lines (1165)
Hash 9c409d2d0082c4c92f139b79b9b56496
71af88ff8fb89bbde6780e3654e9ac5efcf6cd72
3abed05aa50906e4ba6d49983bd2c324bd57c9a0a4e74b52f95ceb965d27f27f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/jquery-ui.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 1833
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/select2.min.css?ver=1674919915
192.124.249.130 200 OK 2.0 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/select2.min.css?ver=1674919915
IP 192.124.249.130:0
File type ASCII text, with very long lines (14965)
Hash 8e684dd388239a6bcac3bc41e52c4e17
2691065d51586e3fdcfce1ea8e51787a05061989
f5e41c52b1303b9ad13beb859f02abc7397d27e3b6504c5bd82a2b68dfa6ece4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/select2.min.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 1998
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/iconset-magazine.css?ver=1674919915
192.124.249.130 200 OK 414 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/iconset-magazine.css?ver=1674919915
IP 192.124.249.130:0
Hash 8b28e3502a0a05ea8a0255fc1ffa26ee
bc79329c99a4604e2d5b54085d857fdd48067c4c
bf82a3cdc3ddc88f9df2e724b1c82c30030810a4c13bd00f4df224a8911954c6
GET /wp-content/themes/motors/assets/css/iconset-magazine.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 414
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/style.css?ver=1674919915
192.124.249.130 200 OK 396 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/style.css?ver=1674919915
IP 192.124.249.130:0
Hash 16674f825a211cb0ed5aafb087420586
0bd0afaddfea9fcd08e82cd033ce49756567c3e3
6db751e944aac378c776738b3edc0e3d135032096b6308fb826db1a0761b8e00
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/style.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 396
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:20 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
192.124.249.130 200 OK 487 B URL HTTP/2 approvalguy.ca/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
IP 192.124.249.130:0
File type ASCII text, with very long lines (1519), with no line terminators
Hash f49750e93d3f1fe51cd1cc2350e20af6
240ae051bb9b55a3937871753d40da640ca03137
9d693c8ed1d35aa67923da6ce3125c6e754ffcceeb2c99c44e84f1c3240ab086
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 487
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Sep 2022 12:08:41 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/jquery.stmdatetimepicker.css?ver=1674919915
192.124.249.130 200 OK 4.6 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/jquery.stmdatetimepicker.css?ver=1674919915
IP 192.124.249.130:0
File type ASCII text, with very long lines (1961)
Hash 2dbe5d4f94fdcf3df53ec6071a433b32
b71af6bb415f16b2624d97e8914137399c8ec596
0850bfcae403b88d409a60d16d73c6e1f7ef1c8274c5b090ab290b2aa7923546
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/jquery.stmdatetimepicker.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 4618
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.124.249.130 200 OK 4.2 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.124.249.130:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 4169
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.2.0
192.124.249.130 200 OK 1.1 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.2.0
IP 192.124.249.130:0
File type HTML document, ASCII text, with very long lines (3029), with no line terminators
Hash 3fffd1b8f00bf4175aaf1831974a4e4c
7f16ab9253c92a528f1f8cb20bee07128ce67048
3eeb166e786db324c70ef63628846f825951748a76d0de97c719189a0ab555c3
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.2.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 1088
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:45:16 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
192.124.249.130 200 OK 126 B URL HTTP/2 approvalguy.ca/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
IP 192.124.249.130:0
File type ASCII text, with no line terminators
Hash ac7ecbcdc01fb980628e0ca076fd2c39
2df6d7adf64efc42e8f46243d5620c62879b59be
9f2cb415bb1b9656398091a9b2657b2dfe043c03a6526a9a12c6af51062e54c6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 126
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Sep 2022 12:08:41 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/inc/value_my_car/assets/css/vmc-style.css?ver=1.0
192.124.249.130 200 OK 43 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/inc/value_my_car/assets/css/vmc-style.css?ver=1.0
IP 192.124.249.130:0
Hash e10ad2b8339ee2d080290a66fd5c00d3
41511961d88c642822882eb721cc81bec9fdbb5a
103bed04256dea5a482200aabd93baad4539ba3dc4d766945b7fbb35046bec1b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/inc/value_my_car/assets/css/vmc-style.css?ver=1.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 43
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:16 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/uploads/stm_uploads/wpcfto-generate.css?ver=327
192.124.249.130 200 OK 2.6 kB URL HTTP/2 approvalguy.ca/wp-content/uploads/stm_uploads/wpcfto-generate.css?ver=327
IP 192.124.249.130:0
File type ASCII text, with very long lines (20774), with no line terminators
Hash 2d41e37ee9a54fc5c1899cfb18e91d74
e80d11ee98ee00d6ff80bca90e1ac69da74536e2
18c11c85d9b6737a84c851cd3ecbde8d574fc26a87480a15f2ab55eafad6617e
GET /wp-content/uploads/stm_uploads/wpcfto-generate.css?ver=327 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 2637
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 23 Sep 2022 14:51:48 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.8.0
192.124.249.130 200 OK 374 B URL HTTP/2 approvalguy.ca/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.8.0
IP 192.124.249.130:0
Hash 99f478aea66ce928c3dda9ab3a0dbbb3
29bb3e5ccb81defba6cf1749768f4c57533e261a
44b0fdb4d849dfa85411e2e814e8352a89f04fad8e65924f477368dad133955e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.8.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 374
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 07 Jan 2022 18:30:29 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.2.0
192.124.249.130 200 OK 3.5 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.2.0
IP 192.124.249.130:0
File type ASCII text, with very long lines (9111)
Hash f6004c12128ba678a6ab8fafb9cb1d61
a023d537a3273176524815baca3f2c42cc601a3c
e516f66f227db9eb26f5bec7605f4647680979c10c9bb61ac1654ccbf7e348af
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.2.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 3496
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:45:16 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/subscriptio/_old_version/assets/js/frontend.js?ver=2.3.10
192.124.249.130 200 OK 268 B URL HTTP/2 approvalguy.ca/wp-content/plugins/subscriptio/_old_version/assets/js/frontend.js?ver=2.3.10
IP 192.124.249.130:0
Hash 8185f6c08afd1c994bf4d20b11ed9c8a
3614e12de4e171536dd352fb5b20cc68cba45f96
c5e9c6a7b41c22f9d7bc99572332e822ccc65700f57369d85fe6b042b5cf541c
GET /wp-content/plugins/subscriptio/_old_version/assets/js/frontend.js?ver=2.3.10 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 268
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:43:52 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/classie.js?ver=1674919915
192.124.249.130 200 OK 741 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/classie.js?ver=1674919915
IP 192.124.249.130:0
Hash f0112a883818f94b8dc89e351adf8c36
2bd281f37b61a8f6df97c2b575cdef39f77a058e
65440f8274adef2f3945bb5ce75f16a693d0042af7f46170302175fce06eecc6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/classie.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 741
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_motors_review/assets/js/motors-review.js
192.124.249.130 200 OK 536 B URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_motors_review/assets/js/motors-review.js
IP 192.124.249.130:0
Hash a77874f0e35d65ff476debf334f1fbb0
4b50be907b7739402655f95a218b1905db6d4fa4
03a86e38864bb45e921842e4a94d971c775c842e1688a8df765460981b7f96b1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_motors_review/assets/js/motors-review.js HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 536
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 07 Aug 2021 15:34:04 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/jquery.cookie.js?ver=1674919915
192.124.249.130 200 OK 1.4 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/jquery.cookie.js?ver=1674919915
IP 192.124.249.130:0
Hash 54a9ec3dee95fd1f6e2f6e7336e94a37
8a54ab06be97e71aefefa71eec1e9955697f595f
5d5dbf633220d53cbd1cdea10b7cef58ef619c0296390fa05473e2e0e3883b79
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/jquery.cookie.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 1404
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/vivus.min.js?ver=1674919915
192.124.249.130 200 OK 4.0 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/vivus.min.js?ver=1674919915
IP 192.124.249.130:0
File type ASCII text, with very long lines (11790)
Hash e32b509ac7d4098a5b9b8e331806fae6
8eb95384473b97e58ed5a08e0488635cea14de2e
92b151372b22bb095ea3e33d5d127d585b5db4f511fd0253977b97fab111b66b
GET /wp-content/themes/motors/assets/js/vivus.min.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 3975
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1
192.124.249.130 200 OK 3.0 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (9937)
Hash e13e2a5aae864d21ed354d27340879a8
27b4256b04bb5b24275cd60fdbc2e4f7fe87983c
0ba96929c19d286796f484f9e77957485498adadc3fe1d5ea91d0de29d00ddd2
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 3024
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/animation.css?ver=1674919915
192.124.249.130 200 OK 6.7 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/animation.css?ver=1674919915
IP 192.124.249.130:0
Hash c539b9aac3a65cca3f449ef37e548ccb
b87a9e1f75f50a6d22ee1d783d3689d674204f0b
7e9d9f8aacc325dc3d2abfa0252b9049cd3399c7f81cbf32f776c4644d0ec698
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/css/animation.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 6679
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1
192.124.249.130 200 OK 3.0 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (10565), with no line terminators
Hash 20d191fbcefaf143ff6d9f0234b3afd4
85c302c0f4d2393bd1c3fb724a03741a14860b3a
0398c654fccf925b52ce33037cf350414bc27efc9da7db916ee7dbe646541f7a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 3040
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:44:45 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
192.124.249.130 200 OK 2.5 kB URL HTTP/2 approvalguy.ca/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 192.124.249.130:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 2457
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
192.124.249.130 200 OK 6.9 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 7e2b78a6e8a9b90385330755ee1cf3e5
684c325f39d45e42ae44a9e42f5e9fe4fb0b909c
43f124dabb4bc663cc1cc8d3161c1e6365cf8445d873ed5d69bbfdb507cf24a9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 6914
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
192.124.249.130 200 OK 7.1 kB URL HTTP/2 approvalguy.ca/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 7095
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1
192.124.249.130 200 OK 2.9 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (8339)
Hash faa75df3694005642abb99586ea44af3
770d357270837858c3f4315a1dc92bc335b7d45a
d034a68565c3434a9b20e625631c3fa69c4a4482ef0180809503a7c9aa337fba
GET /wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 2894
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
192.124.249.130 200 OK 989 B URL HTTP/2 approvalguy.ca/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (2472)
Hash 1a973b2fcb6382cf2f096dc05ac8c879
1b1c2d34623e75e9218132fc3b414543e56af2c3
977f29856fc84e0712763206e1d27ea8aeb94c1d23b2b6de45e293d2284f2360
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 989
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
192.124.249.130 200 OK 331 B URL HTTP/2 approvalguy.ca/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
IP 192.124.249.130:0
File type ASCII text, with very long lines (463)
Hash ba2b50662c393ff6ba69961f66b24d5d
d5694f33b1072b13fc4c3989e90252c0b28030a2
79ad638f020827a6db341526b430e65459aa712bfbdcabf28bb013c6b2c715e9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 331
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
192.124.249.130 200 OK 1.7 kB URL HTTP/2 approvalguy.ca/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 192.124.249.130:0
File type ASCII text, with very long lines (4875)
Hash 320b86bb1a9ce650a5e3553b2bb1c430
c56e8668b398641ed5cdcfbd8a8eba7d631cdb9c
c9ebbb8d122c6be3880d18172abfe308bb07db900689484fa765a73b8b20b3ec
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 1661
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
192.124.249.130 200 OK 3.1 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (10572)
Hash 441a9f4f0e65b720c99ccd7835d5a6f7
9d1e18dffdd3d8cfe4aaef782e02b4b35899cd25
2b161c785b5b6a40802db7808810b8805f163f471d44f275f053b09636c3f851
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 3125
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
192.124.249.130 200 OK 3.9 kB URL HTTP/2 approvalguy.ca/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 192.124.249.130:0
Hash ca0cf10a1d933e4262c732da8f9008c1
d6fdc041e650cf096841671884db8854490dba72
fbd145cb64d3185e42b8a3f6fff22b3e4cc3550934b63a4f874c21c44f920702
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 3865
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/jquery.cookie.js
192.124.249.130 200 OK 1.4 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/jquery.cookie.js
IP 192.124.249.130:0
Hash eb06925823b5bd059914eda6ef1486b5
c8898f725a2e84d64582163a29913dc18f58fd07
35d121eece75269f92c3cbe7a0458b1719d213b7f29323a67ba991cd177f8293
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/jquery.cookie.js HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 1395
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
192.124.249.130 200 OK 1.1 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (3233)
Hash cde0ded344e3544e6f19cf117371b265
acb5934c1a00ce841abbe050c815e7b06b702f57
bddcbef59b628af5afedda5a07006341a7af05b6df42e334f0579d8662fd0e7e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 1084
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm-megamenu/assets/js/megamenu.js?ver=2.3.2
192.124.249.130 200 OK 971 B URL HTTP/2 approvalguy.ca/wp-content/plugins/stm-megamenu/assets/js/megamenu.js?ver=2.3.2
IP 192.124.249.130:0
Hash f5162c1828f1eb68ad87a6d90af4ad3c
ea6358de48d61f4bd5d3751fa87d0b26aa885a6c
dad9b06e945d9a22349bd0a0492dc702831f641c0f944b29f7801ac34c025e65
GET /wp-content/plugins/stm-megamenu/assets/js/megamenu.js?ver=2.3.2 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 971
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:47:25 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/filter.js
192.124.249.130 200 OK 1.9 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/filter.js
IP 192.124.249.130:0
Hash e731013f90ddc84dd98b767c60bcc511
6859aa11261b92efa25d6606f657dde9e1774d38
02f47db28552f915f36b16eb58df6a14d8dbc4629686724cb9cb039a52ac282a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/filter.js HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 1894
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
192.124.249.130 200 OK 6.0 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
IP 192.124.249.130:0
File type ASCII text, with very long lines (16109), with no line terminators
Hash 50f1b56214f7e26856cb386786ef488c
16e4411fc85326e3b97b2cae8ded89c68e978d46
b8ac9041ececad43c28db3f7875fcf3e76d5e01d1d062f33036e561782bc6ce9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 5962
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/jquery.ui.touch-punch.js?ver=0.2.2
192.124.249.130 200 OK 585 B URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/jquery.ui.touch-punch.js?ver=0.2.2
IP 192.124.249.130:0
File type ASCII text, with very long lines (985)
Hash 2a4a6faccfa5b512e63468b64b0c9969
f4a9aa5290d1598b2ffb4715ba1038619fcd7b2e
1450980233347d0b873c36db1d616f8f7fc22172780a78530b368612ce3b9a63
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.ui.touch-punch.js?ver=0.2.2 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 585
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 11 Apr 2012 02:58:23 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.2.0
192.124.249.130 200 OK 794 B URL HTTP/2 approvalguy.ca/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.2.0
IP 192.124.249.130:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash 29307e8dec33cf3411ca4e1f2c84e9d0
484402289464d7ffb1475827f3438329d520bfc6
a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.2.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 794
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:45:16 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.2.0
192.124.249.130 200 OK 982 B URL HTTP/2 approvalguy.ca/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.2.0
IP 192.124.249.130:0
File type ASCII text, with very long lines (1668)
Hash e66463f2023b738680c9bdefece69a37
315dc8e6ebdfb18c662851244ee33e2758ad3c83
fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.2.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 982
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:45:16 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/init.js
192.124.249.130 200 OK 2.0 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/init.js
IP 192.124.249.130:0
File type ASCII text, with CRLF line terminators
Hash ac3a3f718297d2ee72c0cdf19db1de08
75b0bfbb100b047dc0a833fa3ce6bf4944063677
34638c7ce910e1fb3e5853cf9a8dfb03cea2df2286ef406c6ce0e93f0228b59f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/init.js HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 2043
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.2.0
192.124.249.130 200 OK 1.0 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.2.0
IP 192.124.249.130:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 45db3d2887c26700a51bf469e3bb3aa1
d070b5fb53d2fbb66964bbfd482270b855d0ee96
1abc0cff49f82d9a063c04cd086b991af6ad00467efc4cb8d8d4e3c9a0f95777
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.2.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 1039
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:45:16 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1
192.124.249.130 200 OK 4.1 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1
IP 192.124.249.130:0
File type HTML document, ASCII text, with very long lines (12652), with no line terminators
Hash 5a8a35c9ae8f9e0fc3dbf35fba73b13a
10d0f2fde01006234322517ef3b4d4b9b6d230bd
913435232b007746db89fde662ff6a8e4bb8c7eea164a785b321fccf39a3e1fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 4084
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:44:45 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_motors_review/assets/js/frontend/jquery.cookie.js
192.124.249.130 200 OK 1.4 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_motors_review/assets/js/frontend/jquery.cookie.js
IP 192.124.249.130:0
Hash eb06925823b5bd059914eda6ef1486b5
c8898f725a2e84d64582163a29913dc18f58fd07
35d121eece75269f92c3cbe7a0458b1719d213b7f29323a67ba991cd177f8293
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_motors_review/assets/js/frontend/jquery.cookie.js HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 1395
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 07 Aug 2021 15:34:04 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
192.124.249.130 200 OK 6.5 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (15439)
Hash 0748a982f068af9766c253cb21601ff2
9994f710f5450ee963f9714f715c6c9dbd64d417
2caf6897d004cd4727e5ab8b9992bb08d96b6ac38917142d1c2a49f74e1e4114
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 6502
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1
192.124.249.130 200 OK 531 B URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (715)
Hash 1ea7bcbb40b617cbbf38b615434133e0
7433990d960000293aaf5a7fa53cd3dde93ee802
8a983f24fd8856665fd5bdfc272d3a7129e605ab1ee862fe8a138b69ca015033
GET /wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 531
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 28 Jan 2022 16:44:05 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1
192.124.249.130 200 OK 4.8 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (18145)
Hash 3bf143442038c53bb3e300f2bf969dcd
712cf4a73281faa972c160ad0241d9844fb25446
6bc47200329a4ad6fae0b812da0300dd72b0164a4f343afd75275c862f37ee19
GET /wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 4841
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/ui/droppable.min.js?ver=1.13.1
192.124.249.130 200 OK 2.0 kB URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/ui/droppable.min.js?ver=1.13.1
IP 192.124.249.130:0
File type ASCII text, with very long lines (6469)
Hash 6e6cd7f6a5febe7248a2b6709fcc7531
d70c4370c84b2d96d08df4ca845d0c0eb90f49ed
40b9928688dc6dc3569a26fef5ce11baf229840c482c13424661bea33dff0071
GET /wp-includes/js/jquery/ui/droppable.min.js?ver=1.13.1 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 2036
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/bootstrap.min.js?ver=1674919915
192.124.249.130 200 OK 9.4 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/bootstrap.min.js?ver=1674919915
IP 192.124.249.130:0
File type ASCII text, with very long lines (32087)
Hash 339a178e25bf3531bc10b87e1f310883
36df96c7fa50d2b5f26f1557bb9ee7f4be234c09
f9e67c4d47f30892e127d0414ac9320f38899f079c6437f5903e14ac7f2e813e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/bootstrap.min.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 9441
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/imagesloaded.min.js?ver=4.1.4
192.124.249.130 200 OK 1.8 kB URL HTTP/2 approvalguy.ca/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 192.124.249.130:0
File type ASCII text, with very long lines (5477)
Hash 951ae46ca55ec7b0e401e2074bdf8b54
64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 1834
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/jquery.touch.punch.min.js?ver=1674919915
192.124.249.130 200 OK 597 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/jquery.touch.punch.min.js?ver=1674919915
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (1090)
Hash d092834263c7b00d7de63acd3faf80e3
5f7b89769c97ad01fc128176e2f37520e787f718
1894fcaba76bd3052337c4c30dd4211cffdd4e6c2f1fe0d1da7da98b4573d206
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/jquery.touch.punch.min.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 597
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/lazyload.js?ver=1674919915
192.124.249.130 200 OK 1.7 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/lazyload.js?ver=1674919915
IP 192.124.249.130:0
Hash caf9d2c0817ce51f4d2436614f5ab292
4318add215d0a2eb1e72da121104b69cf51a15ca
f5b7ef02c2730b0be2d1a1df632102308535251488996d42f1e84f34c78515a8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/lazyload.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 1651
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/jquery.uniform.min.js?ver=1674919915
192.124.249.130 200 OK 3.1 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/jquery.uniform.min.js?ver=1674919915
IP 192.124.249.130:0
File type ASCII text, with very long lines (8553), with no line terminators
Hash fc848f7a1c24d6c7ab09aa9657122a09
52105a2a368d0f23f90af2482929dc4fc7830389
cc2fc948b7b16664d5174e1115c2bf03a6b1039ad8bce85d1c18947f2fa889f8
GET /wp-content/themes/motors/assets/js/jquery.uniform.min.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 3128
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/isotope.pkgd.min.js?ver=1674919915
192.124.249.130 200 OK 10 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/isotope.pkgd.min.js?ver=1674919915
IP 192.124.249.130:0
File type ASCII text, with very long lines (32011)
Hash 1739635d6f16853b1bb99060f1005897
328e5607c0b2b2d103b464d54e4b4fa13dcbb3af
cb15dbdb6a4c399a80bf87d3c0e57cc9fe088f9ded91fbc9f249d570fe4f849d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/isotope.pkgd.min.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 10123
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:25 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/lg-video.js?ver=1674919915
192.124.249.130 200 OK 2.8 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/lg-video.js?ver=1674919915
IP 192.124.249.130:0
Hash 74c7ca4c4070270c9639c6c7214b1aa5
212741b3a7fbdc5c71617b31ebc2e18a5f1ad5e8
94c0173638d655e8e3742b93fb2f6fb0063e0278ffd40514245b9ce246f4b965
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/lg-video.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 2832
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/app-user-sidebar.js?ver=1674919915
192.124.249.130 200 OK 332 B URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/app-user-sidebar.js?ver=1674919915
IP 192.124.249.130:0
Hash 745fff3eacbe6a6e02c963e537946a78
8b32ec0f6ac8a9ce55860e9332b3aca74011a5d0
da7f75b7312f8d94acd4d7de6621d65a4733b56971128f17bc7154de428bc002
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/app-user-sidebar.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 332
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:23 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/jquery.countdown.min.js?ver=1674919915
192.124.249.130 200 OK 2.4 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/jquery.countdown.min.js?ver=1674919915
IP 192.124.249.130:0
File type ASCII text, with very long lines (4136)
Hash a68628065a86702a4e1e6fbd80080451
837a875a970610f3922a59081a3cbabee19ace3f
e26df89d152868d65d41bda19ab42634965ec4b9d60b38c9246423223446ba15
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/jquery.countdown.min.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 2373
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/load-image.all.min.js?ver=1674919915
192.124.249.130 200 OK 9.1 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/load-image.all.min.js?ver=1674919915
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (26142), with no line terminators
Hash a5293042582de312108ef111c5e09ae5
620f553258ba3291215cf8d34ad3086636222724
c4ffad883c017fb330918c8131e26c4aac85237bd69479d5545fd13da4b8a0f2
GET /wp-content/themes/motors/assets/js/load-image.all.min.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 9082
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:25 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/filter.js?ver=1674919915
192.124.249.130 200 OK 3.1 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/filter.js?ver=1674919915
IP 192.124.249.130:0
Hash 3475f7a08b2f3a6f2f69b1b649b02c38
4c9876991d3dd5120182af2e522e3639608ef136
1200fbb60e9d970fcb57c17db2608149798b8c629f65ac633b7a43270eb29032
GET /wp-content/themes/motors/assets/js/filter.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 3105
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/sell-a-car.js?ver=1674919915
192.124.249.130 200 OK 2.7 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/sell-a-car.js?ver=1674919915
IP 192.124.249.130:0
Hash 1d9af63747ea153f0bd354293b0a1272
e120dbba7e11cdba2e6bd0b11879d911bde8207e
47606172e87d6ee17413cc7b3e53a1ae552d3b925836a9c1a1462a507c3c7996
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/sell-a-car.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 2734
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:25 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/stm-google-places.js?ver=1674919915
192.124.249.130 200 OK 1.2 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/stm-google-places.js?ver=1674919915
IP 192.124.249.130:0
File type Algol 68 source text\012- Pascal source, ASCII text
Hash ac9556caa6ba8636b0516daa5d51c2e5
146146eaec26b48bbf729ac35759a0e836d00f02
c7d34376dec7d1d5cbe4f32d6092408c97bd21302498b1dcb578722d7b26a13b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/stm-google-places.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 1233
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/inc/value_my_car/assets/js/vmc.js?ver=1.0
192.124.249.130 200 OK 1.3 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/inc/value_my_car/assets/js/vmc.js?ver=1.0
IP 192.124.249.130:0
Hash 16632e1b96456a8984af122def06a6cd
c9a39c351202055ffb20c9fcee314108826d9dd2
612f361b2e624b3bf3d8a9094b4d5055af5f916a1ad7181c2077e18d83f2169a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/inc/value_my_car/assets/js/vmc.js?ver=1.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 1285
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:16 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/jquery.cascadingdropdown.js?ver=1674919915
192.124.249.130 200 OK 3.4 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/jquery.cascadingdropdown.js?ver=1674919915
IP 192.124.249.130:0
Hash 2c029028a9acd96d910bf6d7717dade4
18b8902d2fb4021aff9bba512650c7cfbb305fc5
808bd8b51b812c80834298aa6ca9c80b404974bc984a61db750dee1675a3dc52
GET /wp-content/themes/motors/assets/js/jquery.cascadingdropdown.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 3400
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/css/all.css?ver=6.0.3
192.124.249.130 200 OK 13 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/css/all.css?ver=6.0.3
IP 192.124.249.130:0
Hash 9323511f7d8c7ab2721e5903dc555aba
aaf0b720a49ad371e3580dfb70d5ee4fe2ef4145
057679e0bc289f067b7532617fa77e26e8d1f6cd8d52afa52f4175bea5e1b610
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/css/all.css?ver=6.0.3 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 12795
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Sat, 16 Jan 2021 17:11:29 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.9.2
192.124.249.130 200 OK 25 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.9.2
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash b898f25c74b4f9d13897cf6ca3d08e06
78b1b205aa0b5f1417632ebd2442b9a49e68416b
4c8a57e8ca0a36c98d5a5247e739ce782266cd71845a0283570e4c2090c3f6fb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.9.2 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 24607
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 19 Dec 2022 18:45:18 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1674919916
192.124.249.130 200 OK 13 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1674919916
IP 192.124.249.130:0
File type ASCII text, with very long lines (59158)
Hash d7913fc87c4606f82b4ee77a8d47fc2f
62a54acf7535ae53425b44dadfe5fdabf3d8300a
bb05c88bb0b82e2f14f1efb94b4c3511292f74c3bb7cb0b104d300a42a49492f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1674919916 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 12869
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 15:01:11 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/css/bootstrap.min.css?ver=1674919915
192.124.249.130 200 OK 19 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/css/bootstrap.min.css?ver=1674919915
IP 192.124.249.130:0
File type ASCII text, with very long lines (65371)
Hash a69801e0e683a8efdc50685e08da6a5c
6f9e7217c522f9e426b01836de5ca4b489da9cc8
af869524400958bf10cefcd1a2790715f9f569117fabe6c69e24e5ca65e45321
GET /wp-content/themes/motors/assets/css/bootstrap.min.css?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 19250
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:21 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/owl.carousel.js
192.124.249.130 200 OK 20 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/owl.carousel.js
IP 192.124.249.130:0
File type ASCII text, with very long lines (360)
Hash b7b67d47b88c016cb848b772078ecd51
56bb2990a6015fc8bdd26575db8e016caf55415c
c6cde20ab00f0f429abbcd3329fe6d5be0d1a6e09bbbce7cd5e9acb3929ac6da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/owl.carousel.js HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 20037
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/lightgallery-all.js
192.124.249.130 200 OK 20 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm_vehicles_listing/assets/js/frontend/lightgallery-all.js
IP 192.124.249.130:0
Hash b69d0551417311f47c28113011d61706
c3884aac850c8bdbaedc143ea5881015592a77d6
a0350bbb780e1c571bf69667b6fc2d91fc3a1524a8afc38492f2b73bd971e733
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm_vehicles_listing/assets/js/frontend/lightgallery-all.js HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 20384
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:55:13 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/select2.full.min.js?ver=1674919915
192.124.249.130 200 OK 22 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/select2.full.min.js?ver=1674919915
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (64131)
Hash 27cccae187e6c6bacbdbb39f951c1e72
3a3498acdee5a98178cc7006b61358094b766e99
43040dab46e4466145635e3a4a9b53acbc709e781479d1971f8bd67a010e8fc2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/select2.full.min.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 22031
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/app.js?ver=1674919915
192.124.249.130 200 OK 12 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/app.js?ver=1674919915
IP 192.124.249.130:0
File type ASCII text, with very long lines (1677)
Hash 1d7153db02e42974a262d13479dfab4b
d3dca08e7aa295a45c8f21d7a2683af25a8abffe
79d42603ee482b91ed52e2cc65e51192d96cc48895eb95c4c0abe2ec37f3ca86
GET /wp-content/themes/motors/assets/js/app.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 12457
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/app-ajax.js?ver=1674919915
192.124.249.130 200 OK 13 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/app-ajax.js?ver=1674919915
IP 192.124.249.130:0
File type ASCII text, with very long lines (306)
Hash 5c95be2671a03d4cf2460acf5cbced8d
47d909c5cb62107bbc60855d5285e4be64328093
94ec987c67c06c4d8259281f250cab2a10c39fc9f9bf3785b4197003d7edef27
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/app-ajax.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 12689
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/typeahead.jquery.min.js?ver=1674919915
192.124.249.130 200 OK 18 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/typeahead.jquery.min.js?ver=1674919915
IP 192.124.249.130:0
Hash 26ef23764a3480c7c310d920cf930659
58a889271cf5e411a3f255c2033c329ed6887ac6
b69236e0eba0c94584ca5a5ab607a63242732bc2728f372c1b27c45ee4d1ae4f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/typeahead.jquery.min.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 17904
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm-megamenu/assets/css/megamenu.css?ver=2.3.2
192.124.249.130 200 OK 29 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm-megamenu/assets/css/megamenu.css?ver=2.3.2
IP 192.124.249.130:0
File type ASCII text, with very long lines (545)
Hash 80fc0b8fb1c4c4f6a57e95d27d2a6094
3deb6f7f8deca56daf3ae91d89e118e646f2fbc9
bd68f5fa2e9649b4fe05e3d42c952d14bdf9acbbb2eb5aa04b594e41d231cea6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm-megamenu/assets/css/megamenu.css?ver=2.3.2 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
content-length: 29414
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Mon, 04 Apr 2022 13:47:25 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/js/stm_dt_picker.js?ver=1674919915
192.124.249.130 200 OK 30 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/js/stm_dt_picker.js?ver=1674919915
IP 192.124.249.130:0
File type Unicode text, UTF-8 text, with very long lines (6345)
Hash 9d768c03c93f81ac5df26eeb02253843
9803e84fd606a57e76ce24b664ce66ef00628213
880bec2db8e0aefa35e2e465ff3d2ea390fa78641976e416c4ca4873bfaf9401
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/motors/assets/js/stm_dt_picker.js?ver=1674919915 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 29569
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:31:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:31:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://approvalguy.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 10:05:58 GMT
expires: Fri, 26 Jan 2024 10:05:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 192361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://approvalguy.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 17:46:05 GMT
expires: Thu, 25 Jan 2024 17:46:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
age: 251154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/uploads/stm_uploads/skin-custom.css?ver=374
192.124.249.130 200 OK 173 kB URL HTTP/2 approvalguy.ca/wp-content/uploads/stm_uploads/skin-custom.css?ver=374
IP 192.124.249.130:0
Size 173 kB (173305 bytes)
Hash 29cfc62928b64629514a259003f02196
ec4749295b76bf2b5d2f7a4d6b551785b2ba81cc
fd8f1febcf54a09f8a18d8818868b37e714ee6961729cf960142958cc150d0ba
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/stm_uploads/skin-custom.css?ver=374 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: text/css; charset=utf-8
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Fri, 23 Sep 2022 14:51:49 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
192.124.249.130 200 OK 471 B URL HTTP/2 approvalguy.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 192.124.249.130:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:31:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 30908
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.170 200 OK 25 kB URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.170:0
Hash 4da3e4c0ccca393c04d5eaeaaae29168
563b25e8563251c6d3d706179eda6f4d4a398037
56e09838cffe315a8d27df396cde96b003082ac0ec32057263bac989c8566e0d
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://approvalguy.ca
Connection: keep-alive
Referer: https://approvalguy.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 28 Jan 2023 15:32:00 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://approvalguy.ca
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/themes/motors/assets/fonts/default-icon-font/stm-icon.ttf?2bstzn
192.124.249.130 200 OK 26 kB URL HTTP/2 approvalguy.ca/wp-content/themes/motors/assets/fonts/default-icon-font/stm-icon.ttf?2bstzn
IP 192.124.249.130:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, stm-icon \012- data
Hash 875140f27c8d62a166e620b6120f379b
1f4dbd135cb8082c266d43f6cd934aa84f654c84
e9cfab737bbbf5814a8a60260c003a758fb80215a1efd5de82bbc5a8152cc316
GET /wp-content/themes/motors/assets/fonts/default-icon-font/stm-icon.ttf?2bstzn HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/wp-content/themes/motors/assets/css/iconset-default.css?ver=1674919915
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:32:00 GMT
content-type: font/ttf
content-length: 26165
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,User-Agent
last-modified: Wed, 30 Mar 2022 14:42:25 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/webfonts/fa-solid-900.woff2
192.124.249.130 200 OK 78 kB URL HTTP/2 approvalguy.ca/wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/webfonts/fa-solid-900.woff2
IP 192.124.249.130:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://approvalguy.ca/wp-content/plugins/stm-motors-extends/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1674919916
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:32:00 GMT
content-type: font/woff2
content-length: 78196
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 30 Mar 2022 15:01:11 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/?wc-ajax=get_refreshed_fragments
192.124.249.130 200 OK 197 B URL HTTP/2 approvalguy.ca/?wc-ajax=get_refreshed_fragments
IP 192.124.249.130:0
File type JSON data\012- , ASCII text, with very long lines (310), with no line terminators
Hash ccac1c1e2c443d3c846db0c30b2d7bae
d75c320073d9ca7e06bab03cc867146ba04bb463
396f8cc99061df0b2f689e4a0714ee350b4ba5136777177a394e40c376b01ef6
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://approvalguy.ca
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:32:01 GMT
content-type: application/json; charset=UTF-8
content-length: 197
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
x-pingback: https://approvalguy.ca/xmlrpc.php
access-control-allow-origin: https://approvalguy.ca
access-control-allow-credentials: true
x-content-type-options: nosniff, nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/uploads/2019/04/cropped-1p-32x32.png
192.124.249.130 200 OK 1.6 kB URL HTTP/2 approvalguy.ca/wp-content/uploads/2019/04/cropped-1p-32x32.png
IP 192.124.249.130:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 761bece39499246f6fe06207ba6b26ca
41b16823e918070ab27f42d0a9d1c878fd15764b
ea42bba8e85cc5cf7188509d240c9e053cc91f718e0287cbed5b125a19a537e5
GET /wp-content/uploads/2019/04/cropped-1p-32x32.png HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:32:01 GMT
content-type: image/png
content-length: 1633
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
last-modified: Thu, 19 Nov 2020 18:31:53 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
approvalguy.ca/wp-content/uploads/2019/04/cropped-1p-192x192.png
192.124.249.130 200 OK 21 kB URL HTTP/2 approvalguy.ca/wp-content/uploads/2019/04/cropped-1p-192x192.png
IP 192.124.249.130:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash f512f8f53a3ecbb518015f68229ced28
b41b5025ac1099fced7848bc6052fb00f6f971fd
f1a27184db1ee6e0e785b3faa3eaf148080aeb0bb3acfbbbc8380d122cdc53ac
GET /wp-content/uploads/2019/04/cropped-1p-192x192.png HTTP/1.1
Host: approvalguy.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/netflix/login.php?md=04f1f88dadaff1141fe74125d4a632c1&wa=wsignin1.0&rpsnv=13&ct=1544286663&rver=7.1.9737.0&wp=MBI_SSL&nlp=1&RpsCsrfState=2689dcff-33p1-518f-362a-5db09c03fafc&id=292841&CBCXT=out&lw=1&fl=dob,flname,wld&cobrandid=90015
Cookie: stm_visitor_1=96315656
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:32:01 GMT
content-type: image/png
content-length: 20652
x-sucuri-id: 15030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
last-modified: Thu, 19 Nov 2020 18:31:52 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=1674919915
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=1674919915
IP 142.250.74.106:0
GET /css?family=Open+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=1674919915 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://approvalguy.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 15:31:56 GMT
date: Sat, 28 Jan 2023 15:31:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2