{"report_id":"2feac9c2-1568-49a9-9226-2c869a663b65","version":6,"status":"done","tags":[],"date":"2025-11-27T12:52:57Z","url":{"schema":"http","addr":"tracking.bluewatersredfish.com/aff_c?offer_id=389\u0026aff_id=11\u0026aff_sub=Z1G10MVS\u0026aff_sub2=mbinder@slurpmail.net\u0026aff_sub3=179\u0026email=mbinder@slurpmail.net\u0026aff_sub4=2025-11-21%2014:00:48\u0026aff_sub5=enablecomp.com","fqdn":"tracking.bluewatersredfish.com","domain":"bluewatersredfish.com","tld":"com"},"ip":{"addr":"54.72.240.173","port":0,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"final":{"url":{"schema":"https","addr":"steadycash.net/#/secure?nt=9778","fqdn":"steadycash.net","domain":"steadycash.net","tld":"net"},"title":"Steady Cash","dom":{"size":39,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tracking.bluewatersredfish.com/aff_c?offer_id=389\u0026aff_id=11\u0026aff_sub=Z1G10MVS\u0026aff_sub2=mbinder@slurpmail.net\u0026aff_sub3=179\u0026email=mbinder@slurpmail.net\u0026aff_sub4=2025-11-21%2014:00:48\u0026aff_sub5=enablecomp.com","fqdn":"tracking.bluewatersredfish.com","domain":"bluewatersredfish.com","tld":"com"},"ip":{"addr":"54.72.240.173","port":0,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-01T12:52:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":10}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-11-27","alert":"Phishing Block","trigger":"dfgtrk5.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"dfgtrk5.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"steadycash.net","ip":{"addr":"34.121.35.39","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2022-08-17","domain_rank":4571115,"first_seen":"2019-03-09T21:11:34Z","last_seen":"2025-11-24T09:54:06.468904Z","alert_count":12,"request_count":3,"received_data":51413,"sent_data":1890,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.trustedform.com","ip":{"addr":"65.9.46.23","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2009-02-13","domain_rank":163006,"first_seen":"2020-08-26T23:38:48Z","last_seen":"2025-11-25T01:43:51.331769Z","alert_count":0,"request_count":2,"received_data":131856,"sent_data":978,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"tracking.bluewatersredfish.com","ip":{"addr":"52.209.186.26","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2019-08-02","domain_rank":0,"first_seen":"2021-08-10T22:16:44Z","last_seen":"2025-11-22T16:01:28.445742Z","alert_count":0,"request_count":1,"received_data":51881,"sent_data":671,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-11-23T22:13:43.05661Z","alert_count":0,"request_count":2,"received_data":16933,"sent_data":946,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-11-23T22:16:03.791483Z","alert_count":0,"request_count":3,"received_data":734589,"sent_data":1343,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"api.trustedform.com","ip":{"addr":"54.160.9.121","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2009-02-13","domain_rank":151305,"first_seen":"2012-10-29T05:30:13Z","last_seen":"2025-11-24T09:07:50.73863Z","alert_count":0,"request_count":4,"received_data":21583,"sent_data":2121,"comment":"","tags":null,"fingerprints":[{"name":"Erlang","description":"Erlang is a general-purpose, concurrent, functional programming language, and a garbage-collected runtime system.","website":"https://www.erlang.org","common_platform_enumeration":"cpe:2.3:a:erlang:erlang%2fotp:*:*:*:*:*:*:*:*","icon":"Erlang.png","categories":["Programming languages"]},{"name":"Cowboy","description":"Cowboy is a small, fast, modular HTTP server written in Erlang.","website":"https://github.com/ninenines/cowboy","common_platform_enumeration":"","icon":"Cowboy.png","categories":["Web servers"]},{"name":"Amazon ELB","description":"AWS ELB is a network load balancer service provided by Amazon Web Services for distributing traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-11-23T22:13:29.69009Z","alert_count":0,"request_count":2,"received_data":77182,"sent_data":1098,"comment":"","tags":null,"fingerprints":null},{"fqdn":"assets.steadycash.net","ip":{"addr":"35.227.250.112","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2022-08-17","domain_rank":0,"first_seen":"2023-05-31T09:18:14Z","last_seen":"2025-11-24T09:54:06.447545Z","alert_count":36,"request_count":9,"received_data":1575714,"sent_data":4666,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}]},{"fqdn":"res.cloudinary.com","ip":{"addr":"104.16.78.6","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2011-05-24","domain_rank":21175,"first_seen":"2012-10-03T08:31:44Z","last_seen":"2025-11-24T00:23:53.536069Z","alert_count":0,"request_count":8,"received_data":284612,"sent_data":4455,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"dfgtrk5.com","ip":{"addr":"34.102.181.184","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2018-11-19","domain_rank":4054305,"first_seen":"2019-06-27T16:53:09Z","last_seen":"2025-11-20T19:13:52.917775Z","alert_count":2,"request_count":1,"received_data":50496,"sent_data":576,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-Z1EMQ8T80Q\u0026cx=c\u0026gtm=4e5bj0h2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5a2b00e363b96ab35147e65b5cb12502","sha1":"3e80120173850c34d24cc2774e77fff4002fad47","sha256":"c5e1cada5a7dd7222495793c6fcbb50a306d5ea53cfd5a3ff9981acb2d88c9da","sha512":"9082a1feba3897c46c0d1ab18b131bde341d5544c4aefc6776551ccf1dc545fa57e5026da4a727fc2108d564bf1089745f556a0a0a4a024b1f5898633dfdffa4","ssdeep":"6144:cROWgKOtdDUI23ECULUVW66O7GQEO75keV0sBLatgFvw:cRN3O3UHECUfO7Zy","tlshash":"b49418ce73d674265396f078503f018ba57b28a2b44cc896f1c9c9e52e74a9a4237f7c","size":414280,"data":"","first_seen":"2025-11-27T12:53:02.598805Z","last_seen":"2025-11-27T12:53:02.598805Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","fqdn":"steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"34.121.35.39","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c64da34b0e57616cca9cbdf6d8887a6d","sha1":"34ee7503602ef62c922c42e510828c488b2aba87","sha256":"aa5dd6ddcb1892f8f51a3bca4b865d72d98b4342d058d0728cdc54065b9c0715","sha512":"796403e461df4b4d0062e0252b1a855ea97ce5588b97aa64c812482109dee77842a4eab2b7ae8cdc557d202e28687994a1cd88362220189543190c2c3a93365b","ssdeep":"","tlshash":"c370008a00c0220820202280220b2f22200203280080002000a8828820a208b300208c","size":22,"data":"","first_seen":"2023-03-07T01:33:14Z","last_seen":"2026-06-03T16:50:48.906778Z","times_seen":9126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","fqdn":"steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"34.121.35.39","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"02906eef6614a66e721e4e74cfb8debe","sha1":"2ff7db2d9316324619659ffeda641ff1c46bc6e4","sha256":"824db9af5685fcce9ecea002d01a840c78ffec07f012c81e1028bc17c94c2cee","sha512":"d2de15fda35560bf5e7203a4bece3baa879a56b2d262b015efa594085d58060a9f4bb39c46889a0d3ba4bcf3d1a4ca98f07b170941d86d2acabfe733145b3605","ssdeep":"","tlshash":"4cf0d4516d840b3cd34f01b6a5bfd226b12d11547e45cd15d259c461792cee0041574c","size":473,"data":"","first_seen":"2023-03-13T02:36:36Z","last_seen":"2026-06-03T16:50:48.907395Z","times_seen":9126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.steadycash.net/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/polyfills.426d8f8069b0e02d.js","fqdn":"assets.steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"35.227.250.112","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d4e8da647e1bb7bb7c4b5b26a0690a2c","sha1":"fea1df4ad6abda1288ed44112a914c98b45e8d51","sha256":"68ebd42a00fbf307335b7b258a9e6c27a0eac10f826934fb1fde770cfb6f19a2","sha512":"6f3509c382ff54547be185952e56e6083f1bab1228d386a47d1dfd2c142dea9683eabaae3fd183960692c2c1e79990d9dba8fc5f43891b1215e56ab1b4ab2e7f","ssdeep":"768:qZtyWbSxewTodTTlHJVqMcgf9cRaMi3ZTS/vdNgE2DSJiaYNE//aEhOQty5R4Gfl:nVZqZn6R6etATNLDoWR59","tlshash":"8833f7da7392b0a247b3a0e6917f8407f22529a4785cc8f4e61f89d53c7a049d167f2e","size":54469,"data":"","first_seen":"2025-06-03T15:20:31.980426Z","last_seen":"2026-06-03T16:50:48.898835Z","times_seen":9077,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.steadycash.net/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/1130.06f613c93ccd4b7e.js","fqdn":"assets.steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"35.227.250.112","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9415c83e1380f3452354f9527f95e063","sha1":"b6f04c6a344168b18785b3c39aa3d2f6081990e2","sha256":"481dfa3af02c9b1ceded5a1f36f9b786603acaa8feccc5a7ae20b145b2acbee7","sha512":"0de60d8cc478c63e79802f8bf77780c2d4a7c344f9293705a5218489e080bb5d2e232ba573f37e4dd67c04f2f90594bdcc8400f37eb558368c42ecfb3c421a4d","ssdeep":"768:YHCEAU59uZkVEF8uqsah5QDT4qgWdE+u9ZOUR64ivtdghODCDODxRiiSd4SDddDW:zzkP3spilOFFAD/id8PFh+","tlshash":"9c835b5795e123f893e310b8e67baa01626c6d04b90a40d8f66ccd9d33dcda85277b3d","size":80782,"data":"","first_seen":"2025-11-11T16:14:52.52373Z","last_seen":"2025-12-13T14:51:29.352506Z","times_seen":1451,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.steadycash.net/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/main.a90ee03cbacb6f13.js","fqdn":"assets.steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"35.227.250.112","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3897b1fd9bad0ac1ab4666cb13b864bd","sha1":"679e40583e433d9ade3b5079b00a56f0e2b781db","sha256":"211e271255ee09cc1f8ec41713c56f1ab23162ff20cbd1025595ce586749f5d5","sha512":"2a8ca6c9acb901458f7650af0057fb842328ab629457c5d693eb2799d3c3c6000199db8d8f916fa317c90af1b9cb767b16974c0d28a5bf239de904295cc5dba5","ssdeep":"24576:eO29baK7VEeQE1hKzX7fgz9egUkk8nqShk8cP7qysORsTY8aq9xu5pHOc5clFMnf:Oeg3k8nqShk8cP7qysORsTY8aq9xu5pR","tlshash":"7b154ad67295702647d700e6517b4543f22d2844790984acfaaccdee3bb8d48a3bbb7c","size":885472,"data":"","first_seen":"2025-11-18T21:08:28.415339Z","last_seen":"2025-12-13T14:51:29.334152Z","times_seen":1366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","fqdn":"steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"34.121.35.39","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a82cc53d1c9b98ab1c4d8c5eaa677c8e","sha1":"8f665f0a37c8490156b8d342d7686a33befd1079","sha256":"a6260674dd69caea8ec9afd24022b7a3a8925e33fbf48f8b780eaaeeb4f9ab43","sha512":"7b81955ae323b1121bd6292b25b31dfd7b4e69605c7cd625ba433dafa4e74e444dcb2a23ae7a2091997898ba99d48984287bc29dd3d5a7496c8a9b1a2de5fc03","ssdeep":"","tlshash":"29c02bcc26060c73c1e727500f2ff240b1012300d6e00c33090573445b20c579748c00","size":145,"data":"","first_seen":"2023-03-07T01:33:14Z","last_seen":"2026-06-03T16:50:48.908Z","times_seen":9054,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.trustedform.com/trustedform.js?provide_referrer=false\u0026field=xxTrustedFormCertUrl\u0026l=17642479557060.24437161291510967\u0026invert_field_sensitivity=false\u0026sandbox=false","fqdn":"api.trustedform.com","domain":"trustedform.com","tld":"com"},"ip":{"addr":"54.160.9.121","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0ffeeb3affcf96d282702d551182b7c4","sha1":"8990f6eea7efe2f96bc5794a8cd4d4590f215895","sha256":"82e16087af8922b05cb794ad7d49bc5985e272dcff47484963f30821607cd1f1","sha512":"1e0ede6927a24383e56804caf43bff00b20e9381b59359b34146b2bfc02bb699743d3be08c7c6c6063c17d1667f5c9e8f036ecd309d6aec5362032d7fbbe3aa9","ssdeep":"384:uJ5BLkGVfK5k/QoJ69cdlYo4kVW1Wk0PfTKoT2VUSoHs7sy7fSaup9p6bX:uJ5BgUfK5YX69cdlYo4kVW1Wk0PfTKou","tlshash":"7a921a4ab6a8b43d0b6721f2a13f920bf3712525390b50504269c9f43e79d8f961bf9e","size":19915,"data":"","first_seen":"2025-11-05T17:08:16.978573Z","last_seen":"2025-12-01T19:48:55.202606Z","times_seen":5695,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:A1VdZYqhPnjpWx4/eTe8qSMbqaQd6VL2Jyt9LdJoyayCVPVD5wdBfQPfCHiUr3:AXdZYqNjpU4yPqSMbqaQGL2QfdDayCZC","tlshash":"a6a1dc9939fb50210233b1bd1bafa918b23895236208dd61b98c9364bf94437d7f1fc9","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-06-03T16:55:29.1795Z","times_seen":913814,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.steadycash.net/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/runtime.af69759fd9c462f5.js","fqdn":"assets.steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"35.227.250.112","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e58cefd376bb1c215ebe9560044533c6","sha1":"6d9c4af615d17624d0a368e273d3a977e3e5330b","sha256":"35de07cf9c19a68fc7ba91c970dace47405de877d15c01f3d50230231602c080","sha512":"abc9416686cf80f72271cfaaad53c90966b1ed2a02f82d8605ae37df00f6d6c6ecbdedeb13c1965dd9b53a7487d1fa0492ae1eb69636dd078f35bb27d3726ba0","ssdeep":"","tlshash":"db51d6f42264fefa2ba548c11c3c94e5b8183033156bade2a71bdc16f62c9d44559f71","size":3155,"data":"","first_seen":"2025-11-11T16:14:52.513275Z","last_seen":"2025-12-13T14:51:29.325682Z","times_seen":2124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-128685315-1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"49d950be4f8ef368a4320c0b9ce89ea4","sha1":"140b71f33f69cb649ce41c72b82a10efc69d43f8","sha256":"c2a1d88fb2f123c9d9539ce5c561ca62468902659080efbbb858c50c9d9959f8","sha512":"d729529c7b676155e8c30d732f559388cd8f228bbf0df8dad8f0948f569a27af7742ede71c2a111552881c5bd656ddccafa3235616d03cb3b6d00411ae1b9ba7","ssdeep":"6144:pxWgftyDUI23Yu0IVW66O7GQUO7LcUUfecq:poIoUHYuGO7bht","tlshash":"d56409cd73da74228393a474503f018ba27b69d2f84cc895f186d9d52e70aaa4277f3d","size":318848,"data":"","first_seen":"2025-11-27T12:53:02.619101Z","last_seen":"2025-11-27T21:24:12.934724Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"steadycash.net/sandbox%20eval%20code","fqdn":"steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"34c08ca3e74026ae2a1166b2b810e003a2866b015aa78402b00a003b1441fe21aaa1a8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-06-03T16:55:29.158802Z","times_seen":915493,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.steadycash.net/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/5094.748084c728ef9183.js","fqdn":"assets.steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"35.227.250.112","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"17cf54aa8e2b69e38c3a2f3fcb84f758","sha1":"e0bc37da928c77325b0da41b58ecb8093755645e","sha256":"10026cd2bdcf571bb976653e082fe87637829db076fa70c30986ba7514a94a88","sha512":"ec3532bc1e43bab0ba666719cd737a38586ab24a2155f0684ec4c6398b5f52c7f50c794f46e46242fdf5edd8b5bc2204aaf4ec01b67c09816d5a6798eb922057","ssdeep":"3072:U8H++xR7hYSe1K9OXj90X3qlC+gy2+g74pv1342h80c9rRYc:9HVx5u1K8XjWXahc9rRYc","tlshash":"f004face3161352a43b550b1c93a090fb62e4d84a00d867dfb7c99cfb66d95812bef78","size":181549,"data":"","first_seen":"2025-10-29T14:43:55.912551Z","last_seen":"2026-02-09T17:58:00.643959Z","times_seen":4467,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.trustedform.com/trustedform-1.10.27.js","fqdn":"cdn.trustedform.com","domain":"trustedform.com","tld":"com"},"ip":{"addr":"65.9.46.23","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ac04052d54015fce2d873e1539a69e9b","sha1":"d6447a38eb571e500aea60b8fd256556263b899a","sha256":"1f820f01f6d77e3a69d0e767b8a063c1f8985760606f8116b495ae7dcc07eb88","sha512":"3959f2bbe3c773d59c426c76bd344d3d69a053fbf6cd0610c5512893c890299d5a7c78bed46133679c15f1c64ec28d6c4f1c93bf7c4a0bb0693ba88e3cd968fe","ssdeep":"1536:/f6U5BtaL5StlSx/zVXhPiE3AaSkyY2cIc4VsyKn:/f6wBFSxzVxVAagjcITsy8","tlshash":"ebb308cc77c6b07b0ba370b1416f414bb23a6915688ea451d215f8e43c7894fa63bfad","size":110901,"data":"","first_seen":"2025-11-05T17:08:16.960024Z","last_seen":"2025-12-01T19:48:55.216075Z","times_seen":5694,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Playfair+Display|Work+Sans:300,400","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:35.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:58 GMT","end":"Mon, 19 Jan 2026 08:34:57 GMT"},"fingerprint":{"sha1":"56:14:7E:EF:FA:D2:CF:DD:3B:30:9C:AE:7A:C9:AD:9E:A7:87:3D:E9","sha256":"72:DD:0F:82:4D:8A:09:2D:BB:5B:E6:1B:6F:09:F8:1E:BD:BD:D3:3E:B8:A4:8C:B9:49:13:4D:DC:D7:EF:EA:77"}}},"request":{"raw":"GET /css?family=Playfair+Display|Work+Sans:300,400 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://assets.steadycash.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 27 Nov 2025 12:52:35 GMT\r\ndate: Thu, 27 Nov 2025 12:52:35 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3986,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"97892f4a0db8eb2da817e21ef0712c50","sha1":"0bcf28b9f3fd31bd75bd683eb912912b0ed62cb2","sha256":"c0f548914a664996546b41da9c65e696ce30e21e97bcf61229d00fc9fc36f321","sha512":"049960ea9a1335d5140d221299ad617746c3c0a60482fbb6301ee5a517f2f467790a9b1e954e33ba6b12ebea4dc0d3592c148a995efb2bfc1f7d34f201b33e31","ssdeep":"","tlshash":"0e81ed91052aa11497835cc723cf7e329eaea15070849539bffe1d8cec5bc2aa275b0d","first_seen":"2025-09-12T01:12:18.645272Z","last_seen":"2026-06-03T16:50:48.896995Z","times_seen":1606,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":130,"dns":0,"connect":9,"send":0,"wait":19,"receive":0,"ssl":120},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.steadycash.net/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/5094.748084c728ef9183.js","fqdn":"assets.steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"35.227.250.112","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:35.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"steadycash.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 14:25:23 GMT","end":"Thu, 01 Jan 2026 14:25:22 GMT"},"fingerprint":{"sha1":"A7:2F:CC:18:46:B0:A9:E8:F7:BB:83:1A:BF:5B:01:1D:94:1C:57:28","sha256":"8D:BB:2E:22:C0:B0:1D:13:C3:8B:FF:38:8A:6D:A3:92:E9:08:94:A2:4D:EA:A3:DC:82:9B:55:EB:0D:5C:06:16"}}},"request":{"raw":"GET /t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/5094.748084c728ef9183.js HTTP/1.1\r\nHost: assets.steadycash.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://steadycash.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-guploader-uploadid: AOCedOEpcBnMqXzHU4TqAi9PKve3OL5WLFcWr8FupFdUNEzUGuSUKud-f2az2M8kA3iLuLn5Ii4cnGQ\r\nx-goog-generation: 1763488186925682\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: gzip\r\nx-goog-stored-content-length: 42958\r\ncontent-encoding: gzip\r\nx-goog-hash: crc32c=eFk0cg==, md5=zlbbuBqdHZMVDSAWI0uwPg==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccept-ranges: bytes\r\ncontent-length: 42958\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ndate: Tue, 18 Nov 2025 21:08:04 GMT\r\nexpires: Wed, 18 Nov 2026 21:08:04 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 17:49:46 GMT\r\netag: \"ce56dbb81a9d1d93150d2016234bb03e\"\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 747871\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":181549,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"17cf54aa8e2b69e38c3a2f3fcb84f758","sha1":"e0bc37da928c77325b0da41b58ecb8093755645e","sha256":"10026cd2bdcf571bb976653e082fe87637829db076fa70c30986ba7514a94a88","sha512":"ec3532bc1e43bab0ba666719cd737a38586ab24a2155f0684ec4c6398b5f52c7f50c794f46e46242fdf5edd8b5bc2204aaf4ec01b67c09816d5a6798eb922057","ssdeep":"3072:U8H++xR7hYSe1K9OXj90X3qlC+gy2+g74pv1342h80c9rRYc:9HVx5u1K8XjWXahc9rRYc","tlshash":"f004face3161352a43b550b1c93a090fb62e4d84a00d867dfb7c99cfb66d95812bef78","first_seen":"2025-10-29T14:43:55.912551Z","last_seen":"2026-02-09T17:58:00.643959Z","times_seen":4467,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"res.cloudinary.com/dbtcg826q/image/upload//t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/shared/defaultImages/logo-ola","fqdn":"res.cloudinary.com","domain":"cloudinary.com","tld":"com"},"ip":{"addr":"104.16.78.6","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:36.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudinary.com","organization":"Cloudinary Ltd"},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 24 Apr 2025 13:45:55 GMT","end":"Tue, 26 May 2026 13:45:55 GMT"},"fingerprint":{"sha1":"8C:61:DB:F4:59:AA:B3:DB:D3:12:E2:66:0A:25:C6:AB:C2:AD:20:6D","sha256":"72:8C:8C:F1:15:FA:11:D0:30:77:C3:1F:DA:FD:AB:28:E6:81:ED:68:D1:8B:B8:E3:EB:B6:58:30:DD:87:8B:C3"}}},"request":{"raw":"GET /dbtcg826q/image/upload//t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/shared/defaultImages/logo-ola HTTP/1.1\r\nHost: res.cloudinary.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 27 Nov 2025 12:52:36 GMT\r\ncontent-type: image/png\r\ncontent-length: 10608\r\nserver: cloudflare\r\ncf-ray: 9a51c37f0a400b69-OSL\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, no-transform, max-age=2592000\r\netag: \"79c49bbf1ebb397f9bdfac62c84ff457\"\r\nlast-modified: Tue, 18 Nov 2025 21:01:17 GMT\r\nstrict-transport-security: max-age=604800\r\nvary: Accept-Encoding\r\naccess-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options\r\nserver-timing: cld-cloudflare;dur=14;start=2025-11-27T12:52:36.328Z;desc=hit,rtt;dur=1,content-info;desc=\"width=175,height=67,bytes=10608,format=\"png\",owidth=175,oheight=67,obytes=10608,crt=1763499676,ocrt=1763488217,ef=(17);\"\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-request-id: 0729cd4276ebf4523427a92e220385d8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10608,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 175 x 67, 8-bit/color RGBA, non-interlaced","md5":"79c49bbf1ebb397f9bdfac62c84ff457","sha1":"12b00bf60796e164f4d5b8cded5f44f400e51aec","sha256":"e774d5f44935441113829bba2ee81777c401e2d5fac92607a2b5b9965518e723","sha512":"fd16fb7442176959d5fcdc8c326a5a71955b103ef9008bbd5907171eaebd3a0447b6e531427a6d3f4504ec365606092f26e1a0df54596ed64f53efc97d4eaf20","ssdeep":"192:/ILQwmZv+f01oa2ZjuDXlkvUJYg43hBM2Qrm5mYfb4NExeM/:/ILQvBfCxjuzp/aBQr4kNEx3","tlshash":"7e22c1f694fcd8819ec64820b567a36413be54dc5d01048c8c22c6fcf20e99af7b534a","first_seen":"2023-05-07T20:58:41Z","last_seen":"2026-06-03T16:50:48.895835Z","times_seen":9106,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-Z1EMQ8T80Q\u0026cx=c\u0026gtm=4e5bj0h2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:36.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtag/js?id=G-Z1EMQ8T80Q\u0026cx=c\u0026gtm=4e5bj0h2 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 27 Nov 2025 12:52:36 GMT\r\nexpires: Thu, 27 Nov 2025 12:52:36 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 139976\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":414280,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"5a2b00e363b96ab35147e65b5cb12502","sha1":"3e80120173850c34d24cc2774e77fff4002fad47","sha256":"c5e1cada5a7dd7222495793c6fcbb50a306d5ea53cfd5a3ff9981acb2d88c9da","sha512":"9082a1feba3897c46c0d1ab18b131bde341d5544c4aefc6776551ccf1dc545fa57e5026da4a727fc2108d564bf1089745f556a0a0a4a024b1f5898633dfdffa4","ssdeep":"6144:cROWgKOtdDUI23ECULUVW66O7GQEO75keV0sBLatgFvw:cRN3O3UHECUfO7Zy","tlshash":"b49418ce73d674265396f078503f018ba57b28a2b44cc896f1c9c9e52e74a9a4237f7c","first_seen":"2025-11-27T12:53:02.598805Z","last_seen":"2025-11-27T12:53:02.598805Z","times_seen":1,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.trustedform.com/certs/1696ae88a50d02fec31931002c5758172009ddae/fingerprints","fqdn":"api.trustedform.com","domain":"trustedform.com","tld":"com"},"ip":{"addr":"54.160.9.121","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:37.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trustedform.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 08 Jun 2025 00:00:00 GMT","end":"Sun, 05 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:AB:43:B1:B0:8A:50:79:5D:75:F8:50:2E:87:D1:61:C3:A5:FC:9E","sha256":"09:8E:30:0B:F3:24:44:6F:55:46:4A:1B:16:24:36:37:D9:D0:35:CF:AA:A7:BE:E0:F9:A9:69:8B:64:53:7F:D3"}}},"request":{"raw":"POST /certs/1696ae88a50d02fec31931002c5758172009ddae/fingerprints HTTP/1.1\r\nHost: api.trustedform.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain\r\nContent-Length: 219\r\nOrigin: https://steadycash.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":219,"data":"{\"fingerprints\":[\"e0c0e8733277cb5410ba45368317b09c153bde6d\",\"0a51752a41491c29c1ccc4c4e9f92aa0e2af45b4\"],\"token\":\"NnqtoKDug3tNcJeYyq+pEWgsIOia+fVV5xb0CDqfZu5wL0hHNuerjZ3w/hr1sT3a//Tw8idco39OjWhiv0x72D87f5ZKt6i9ooCL6JfX\"}"}},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Thu, 27 Nov 2025 12:52:37 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: \r\ncache-control: max-age=0, private, must-revalidate\r\nserver: Cowboy\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Erlang","description":"Erlang is a general-purpose, concurrent, functional programming language, and a garbage-collected runtime system.","website":"https://www.erlang.org","common_platform_enumeration":"cpe:2.3:a:erlang:erlang%2fotp:*:*:*:*:*:*:*:*","icon":"Erlang.png","categories":["Programming languages"]},{"name":"Cowboy","description":"Cowboy is a small, fast, modular HTTP server written in Erlang.","website":"https://github.com/ninenines/cowboy","common_platform_enumeration":"","icon":"Cowboy.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T16:55:47.229708Z","times_seen":16084598,"resource_available":true,"data":null}},"time_used":169,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.steadycash.net/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/polyfills.426d8f8069b0e02d.js","fqdn":"assets.steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"35.227.250.112","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:35.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"steadycash.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 14:25:23 GMT","end":"Thu, 01 Jan 2026 14:25:22 GMT"},"fingerprint":{"sha1":"A7:2F:CC:18:46:B0:A9:E8:F7:BB:83:1A:BF:5B:01:1D:94:1C:57:28","sha256":"8D:BB:2E:22:C0:B0:1D:13:C3:8B:FF:38:8A:6D:A3:92:E9:08:94:A2:4D:EA:A3:DC:82:9B:55:EB:0D:5C:06:16"}}},"request":{"raw":"GET /t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/polyfills.426d8f8069b0e02d.js HTTP/1.1\r\nHost: assets.steadycash.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://steadycash.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AOCedOGOy-_GWkrVaQYpjJRKqXNwEVVtnDc-YzbgiSWLVpPOd-CbqdtqrZM1xIMwMfC4jc_cfOQcb1U\r\nx-goog-generation: 1763488183494115\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: gzip\r\nx-goog-stored-content-length: 19327\r\ncontent-encoding: gzip\r\nx-goog-hash: crc32c=j8C2lw==, md5=6t8fLjEiftcAfmMsyk1x8w==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccept-ranges: bytes\r\ncontent-length: 19327\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ndate: Tue, 18 Nov 2025 21:08:03 GMT\r\nexpires: Wed, 18 Nov 2026 21:08:03 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 17:49:43 GMT\r\netag: \"eadf1f2e31227ed7007e632cca4d71f3\"\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 747872\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":54469,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (54469), with no line terminators","md5":"d4e8da647e1bb7bb7c4b5b26a0690a2c","sha1":"fea1df4ad6abda1288ed44112a914c98b45e8d51","sha256":"68ebd42a00fbf307335b7b258a9e6c27a0eac10f826934fb1fde770cfb6f19a2","sha512":"6f3509c382ff54547be185952e56e6083f1bab1228d386a47d1dfd2c142dea9683eabaae3fd183960692c2c1e79990d9dba8fc5f43891b1215e56ab1b4ab2e7f","ssdeep":"768:qZtyWbSxewTodTTlHJVqMcgf9cRaMi3ZTS/vdNgE2DSJiaYNE//aEhOQty5R4Gfl:nVZqZn6R6etATNLDoWR59","tlshash":"8833f7da7392b0a247b3a0e6917f8407f22529a4785cc8f4e61f89d53c7a049d167f2e","first_seen":"2025-06-03T15:20:31.980426Z","last_seen":"2026-06-03T16:50:48.898835Z","times_seen":9077,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":84,"dns":48,"connect":12,"send":0,"wait":14,"receive":5,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Montserrat:300,500,600|Open+Sans","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:35.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:58 GMT","end":"Mon, 19 Jan 2026 08:34:57 GMT"},"fingerprint":{"sha1":"56:14:7E:EF:FA:D2:CF:DD:3B:30:9C:AE:7A:C9:AD:9E:A7:87:3D:E9","sha256":"72:DD:0F:82:4D:8A:09:2D:BB:5B:E6:1B:6F:09:F8:1E:BD:BD:D3:3E:B8:A4:8C:B9:49:13:4D:DC:D7:EF:EA:77"}}},"request":{"raw":"GET /css?family=Montserrat:300,500,600|Open+Sans HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://assets.steadycash.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 27 Nov 2025 12:52:35 GMT\r\ndate: Thu, 27 Nov 2025 12:52:35 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11424,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"9a5f8f10c1aff0c3157382c8cb869d78","sha1":"185a5c73ab196cdff36ba9c3bcf601a015352d01","sha256":"74f57688c211970d6be9df500bcac256590b0080b0f24620b0f17fb29e82bcb3","sha512":"10a17ee8999f90f28435494fe4b56332ab2db6605f3e7a8f92e18d23f403ef9b97845c3b3e04fcf21000f6c9db8944d37d6f1ac40cf8fc2d8917be725f9983f4","ssdeep":"192:XRH7YQONuyR97uGOXu7R47nfOeul9AWjBF1INqbCbqGIwV4Rzlqx:BbipbA+VJqqY4I","tlshash":"b632fc91001ba40067472cca23cf7e35de4f62617084c47aabfe5ea9ede6c26637572d","first_seen":"2025-09-18T07:08:36.943459Z","last_seen":"2026-06-03T08:53:14.972725Z","times_seen":965,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":65,"dns":0,"connect":7,"send":0,"wait":20,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.trustedform.com/trustedform.js?provide_referrer=false\u0026field=xxTrustedFormCertUrl\u0026l=17642479557060.24437161291510967\u0026invert_field_sensitivity=false\u0026sandbox=false","fqdn":"api.trustedform.com","domain":"trustedform.com","tld":"com"},"ip":{"addr":"54.160.9.121","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:35.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trustedform.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 08 Jun 2025 00:00:00 GMT","end":"Sun, 05 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:AB:43:B1:B0:8A:50:79:5D:75:F8:50:2E:87:D1:61:C3:A5:FC:9E","sha256":"09:8E:30:0B:F3:24:44:6F:55:46:4A:1B:16:24:36:37:D9:D0:35:CF:AA:A7:BE:E0:F9:A9:69:8B:64:53:7F:D3"}}},"request":{"raw":"GET /trustedform.js?provide_referrer=false\u0026field=xxTrustedFormCertUrl\u0026l=17642479557060.24437161291510967\u0026invert_field_sensitivity=false\u0026sandbox=false HTTP/1.1\r\nHost: api.trustedform.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: awselb/2.0\r\ndate: Thu, 27 Nov 2025 12:52:36 GMT\r\ncontent-type: text/html\r\ncontent-length: 134\r\nlocation: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false\u0026field=xxTrustedFormCertUrl\u0026l=17642479557060.24437161291510967\u0026invert_field_sensitivity=false\u0026sandbox=false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Amazon ELB","description":"AWS ELB is a network load balancer service provided by Amazon Web Services for distributing traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":19915,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T16:55:47.229708Z","times_seen":16084598,"resource_available":true,"data":null}},"time_used":985,"timings":{"blocked":446,"dns":11,"connect":93,"send":0,"wait":93,"receive":0,"ssl":339},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"res.cloudinary.com/dbtcg826q/image/upload/q_auto,f_auto/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/shared/defaultImages/seal-ola","fqdn":"res.cloudinary.com","domain":"cloudinary.com","tld":"com"},"ip":{"addr":"104.16.78.6","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:36.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudinary.com","organization":"Cloudinary Ltd"},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 24 Apr 2025 13:45:55 GMT","end":"Tue, 26 May 2026 13:45:55 GMT"},"fingerprint":{"sha1":"8C:61:DB:F4:59:AA:B3:DB:D3:12:E2:66:0A:25:C6:AB:C2:AD:20:6D","sha256":"72:8C:8C:F1:15:FA:11:D0:30:77:C3:1F:DA:FD:AB:28:E6:81:ED:68:D1:8B:B8:E3:EB:B6:58:30:DD:87:8B:C3"}}},"request":{"raw":"GET /dbtcg826q/image/upload/q_auto,f_auto/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/shared/defaultImages/seal-ola HTTP/1.1\r\nHost: res.cloudinary.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 27 Nov 2025 12:52:36 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6216\r\nserver: cloudflare\r\ncf-ray: 9a51c37e39a80b69-OSL\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: private, no-transform, max-age=2592000\r\ncontent-disposition: inline; filename=\"seal-ola.webp\"\r\netag: \"2b7deec9097a2ce2e324b836e7c06d90\"\r\nlast-modified: Tue, 18 Nov 2025 21:01:15 GMT\r\nstrict-transport-security: max-age=604800\r\nvary: Accept,User-Agent,Save-Data, Accept-Encoding\r\naccess-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options\r\nserver-timing: cld-cloudflare;dur=19;start=2025-11-27T12:52:36.199Z;desc=hit,rtt;dur=1,content-info;desc=\"width=125,height=125,bytes=6216,format=\"webp\",owidth=125,oheight=125,obytes=33464,oformat=\"png\",crt=1763499674,ocrt=1763488204,ef=(1,11,13,17);\"\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-request-id: 80974367fc877e413958621ab7a5d1e9\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6216,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2b7deec9097a2ce2e324b836e7c06d90","sha1":"4ed7c7ad6b60d1561e6eb998161eb45b47201539","sha256":"d2d1aff262fa609da293127959bdb5bb415cbaa722165b612ab53a13e44d8812","sha512":"b31ccf8f80309f93392148003cd8de0e3dd527db58843663bbbdd04f1fc117f35593a31b38f3ab52fdb31526d9692e043aab769f76d4f9117c09b2f8168f9c6a","ssdeep":"96:ud0agf7GdIDlKcFEB6SSbRNwt/G383al42upfsy6fHx5AUi2/FT25d7JaIsYUi6Q:KgfxFFW5SbRNU/MuHsy6fYUI5DaIsncr","tlshash":"5dd1aeba803294560e3ee97d97ca6d1f0330c1ebc5e211a70f94ceaaa230e25d791395","first_seen":"2023-05-07T20:58:41Z","last_seen":"2026-06-03T16:50:48.889899Z","times_seen":9109,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":19,"dns":1,"connect":1,"send":0,"wait":32,"receive":1,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dfgtrk5.com/RqnQW?affid=1017\u0026firstName=\u0026lastName=\u0026email=\u0026zip=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389","fqdn":"dfgtrk5.com","domain":"dfgtrk5.com","tld":"com"},"ip":{"addr":"34.102.181.184","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-27T12:52:34.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dfgtrk5.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 12:03:00 GMT","end":"Wed, 18 Feb 2026 12:57:14 GMT"},"fingerprint":{"sha1":"2D:99:5B:95:52:CD:C2:42:41:D6:6E:94:48:F3:1C:1E:DB:BE:1B:95","sha256":"99:60:C1:98:82:86:C0:19:9F:CA:26:A7:20:B6:72:26:09:6F:D1:CE:6A:F2:33:68:E6:DF:BA:24:C5:1C:A4:46"}}},"request":{"raw":"GET /RqnQW?affid=1017\u0026firstName=\u0026lastName=\u0026email=\u0026zip=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389 HTTP/1.1\r\nHost: dfgtrk5.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nlocation: https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=\r\ncontent-length: 0\r\ndate: Thu, 27 Nov 2025 12:52:34 GMT\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":50191,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T16:55:47.229708Z","times_seen":16084598,"resource_available":true,"data":null}},"time_used":699,"timings":{"blocked":271,"dns":22,"connect":25,"send":0,"wait":156,"receive":0,"ssl":221},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-11-27","alert":"Phishing Block","trigger":"dfgtrk5.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"dfgtrk5.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","fqdn":"steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"34.121.35.39","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-27T12:52:34.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"steadycash.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 14:25:23 GMT","end":"Thu, 01 Jan 2026 14:25:22 GMT"},"fingerprint":{"sha1":"A7:2F:CC:18:46:B0:A9:E8:F7:BB:83:1A:BF:5B:01:1D:94:1C:57:28","sha256":"8D:BB:2E:22:C0:B0:1D:13:C3:8B:FF:38:8A:6D:A3:92:E9:08:94:A2:4D:EA:A3:DC:82:9B:55:EB:0D:5C:06:16"}}},"request":{"raw":"GET /?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip= HTTP/1.1\r\nHost: steadycash.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nset-cookie: Authorization=AAHFPkcoFrZnbx7O6eJqQJ9kZlpcUEQ23w0F9lKXN9KFXfKYgSzxCdbiD9Io9FAq8SE=; Max-Age=1800; Expires=Thu, 27 Nov 2025 13:22:35 GMT; Path=/; Secure\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nvary: accept-encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/html;charset=UTF-8\r\ncontent-language: en-US\r\ntransfer-encoding: chunked\r\ndate: Thu, 27 Nov 2025 12:52:35 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":50191,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (50191), with no line terminators","md5":"8d2380896a3e2e7ee5e2ea98902dce24","sha1":"0977e9744a2ef52b87f690b9a571b4fb1c35c9b9","sha256":"3799eef6f96015363d3f31b1f6fc29785fa264d54399080a38208fe836a857f2","sha512":"175f52e8778897eb262d7c8396d37576cac87eec807f5cbe93bad96824c1ce996ccaf0c6dc111f641d185d5cb30d43966f8e6f09042d21f96dc63f853a64712b","ssdeep":"768:ltND4VsODWJ68cFElxp8zmEsmv3pQVNZiNQ94pqj:ltKlB8YElxPnmv3pQVeqj","tlshash":"5d33fb86daf1ceac0c60517b7888c0629bdc2e0f48f458f1f7fe4b5e916664e909a74d","first_seen":"2025-11-23T06:54:10.788627Z","last_seen":"2025-12-04T10:24:08.128866Z","times_seen":6,"resource_available":false,"data":null}},"time_used":755,"timings":{"blocked":281,"dns":28,"connect":123,"send":0,"wait":193,"receive":0,"ssl":128},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"assets.steadycash.net/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/steadycash.net.css","fqdn":"assets.steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"35.227.250.112","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:35.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"steadycash.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 14:25:23 GMT","end":"Thu, 01 Jan 2026 14:25:22 GMT"},"fingerprint":{"sha1":"A7:2F:CC:18:46:B0:A9:E8:F7:BB:83:1A:BF:5B:01:1D:94:1C:57:28","sha256":"8D:BB:2E:22:C0:B0:1D:13:C3:8B:FF:38:8A:6D:A3:92:E9:08:94:A2:4D:EA:A3:DC:82:9B:55:EB:0D:5C:06:16"}}},"request":{"raw":"GET /t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/steadycash.net.css HTTP/1.1\r\nHost: assets.steadycash.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AOCedOFjAJJVCu6g2EU5UK9RAs66pxZKnmqLHzU__sHx7VwVyihMfd_Qo_l5RtNpRdlULc4GGaYN6Q8\r\nx-goog-generation: 1763488187733176\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: gzip\r\nx-goog-stored-content-length: 30010\r\ncontent-encoding: gzip\r\nx-goog-hash: crc32c=cBr/HA==, md5=PZKYvaWJFHQutS+qR1OVOg==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccept-ranges: bytes\r\ncontent-length: 30010\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Type, Access-Control-Allow-Origin\r\nserver: UploadServer\r\ndate: Thu, 20 Nov 2025 20:14:12 GMT\r\nexpires: Fri, 20 Nov 2026 20:14:12 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 17:49:47 GMT\r\netag: \"3d9298bda58914742eb52faa4753953a\"\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nage: 578303\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":201811,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65205)","md5":"852dc08f0619717d54b655b9e0c32fa3","sha1":"5a830b83a8ce51747a377431c4d184b906d05f42","sha256":"5fe1bad9064cc806a4f031d78c7fc0501bdc24963b39afc54c27ff443ee59171","sha512":"a1bcffc29f50e0bfa1000bc0d4849f7c7da19f864048202be306d91c8771fe37d57e07a0e61f12e1d956cfc4e9126d0c55d73b0bd9e646afbd898623f8bbfea8","ssdeep":"1536:ewXjl+I69HZyiqOk34NMfy0DT7GCd57CGCd57zTY:30ahzGECGEzTY","tlshash":"2c14b651f52030ae3273c16975d1bedb272a6043d6a64ef6f02b76e84bc84da1273f19","first_seen":"2025-11-18T22:07:57.57458Z","last_seen":"2025-12-10T07:56:45.893903Z","times_seen":68,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":117,"dns":50,"connect":29,"send":0,"wait":49,"receive":12,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:35.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:57 GMT","end":"Mon, 19 Jan 2026 08:34:56 GMT"},"fingerprint":{"sha1":"A9:72:6E:D8:AB:26:CE:26:35:A4:39:55:24:08:04:0F:24:56:E8:8C","sha256":"65:84:7B:FE:24:02:CE:3E:DB:6E:1C:6B:B8:FC:99:F5:A5:65:83:F1:66:75:ED:20:20:63:06:ED:27:8A:82:FE"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://steadycash.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37756\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 25 Nov 2025 21:43:03 GMT\r\nexpires: Wed, 25 Nov 2026 21:43:03 GMT\r\ncache-control: public, max-age=31536000\r\nage: 140972\r\nlast-modified: Thu, 04 Sep 2025 17:09:21 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37756,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37756, version 1.0","md5":"8a6a885dd57e60ddd85f3190737fa209","sha1":"dbca56b7fe8ee5e4bfb648d639fc6a3bfc5c6e85","sha256":"b9b102f608e8252e3c1e7287309832b16af7dcc6e788651fa503a3faacd7fb2f","sha512":"2bd785869777dc57dbb5934d4c6915b66f89746dd79897820eb4bbd0d262b2612bafdfb07c1e092658ad819f582a97e6a196531f74187d8a0b0bbd07fcbba56a","ssdeep":"768:sqRKhgpCf9U72WeD4A/5IqtBr0ikGvEaQh38/LBu3Emdc043RpgZKMqjkEfO1m:jKgp+9U7Ve8A/7Ai9Et3EBKEUE3RqMMu","tlshash":"3e030130df5884edcc0ba371fdeea81fc7a332a594c0b3368297af1b80111499d99e49","first_seen":"2025-09-05T00:25:10.258656Z","last_seen":"2026-06-03T16:57:04.343675Z","times_seen":505989,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":65,"dns":0,"connect":7,"send":0,"wait":8,"receive":8,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.trustedform.com/bootstrap.js?provide_referrer=false\u0026field=xxTrustedFormCertUrl\u0026l=17642479557060.24437161291510967\u0026invert_field_sensitivity=false\u0026sandbox=false","fqdn":"cdn.trustedform.com","domain":"trustedform.com","tld":"com"},"ip":{"addr":"65.9.46.23","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:36.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.trustedform.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 13 Jan 2025 00:00:00 GMT","end":"Tue, 10 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DE:54:2A:17:15:5E:25:8E:83:28:1E:11:46:BC:0D:35:08:6E:B5:44","sha256":"D9:BF:A7:21:D0:CC:C5:30:96:23:75:3E:EB:A8:D3:29:C6:80:7E:94:A4:29:D1:19:E1:44:9C:74:19:07:4C:45"}}},"request":{"raw":"GET /bootstrap.js?provide_referrer=false\u0026field=xxTrustedFormCertUrl\u0026l=17642479557060.24437161291510967\u0026invert_field_sensitivity=false\u0026sandbox=false HTTP/1.1\r\nHost: cdn.trustedform.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://steadycash.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Thu, 27 Nov 2025 12:52:37 GMT\r\nlast-modified: Wed, 05 Nov 2025 17:06:10 GMT\r\nx-amz-version-id: BWfrFMWHdsj_Zw_sYGmqJhobzMfjNsew\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\netag: W/\"0ffeeb3affcf96d282702d551182b7c4\"\r\nvary: accept-encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 b80af6d90290b622c680fa62cff91fca.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: LplU5SRsh1gyhsC1WS5h-YjL0IGrYvhlenjOdSuiq1A8b3FdDwxelg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":19915,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19914)","md5":"0ffeeb3affcf96d282702d551182b7c4","sha1":"8990f6eea7efe2f96bc5794a8cd4d4590f215895","sha256":"82e16087af8922b05cb794ad7d49bc5985e272dcff47484963f30821607cd1f1","sha512":"1e0ede6927a24383e56804caf43bff00b20e9381b59359b34146b2bfc02bb699743d3be08c7c6c6063c17d1667f5c9e8f036ecd309d6aec5362032d7fbbe3aa9","ssdeep":"384:uJ5BLkGVfK5k/QoJ69cdlYo4kVW1Wk0PfTKoT2VUSoHs7sy7fSaup9p6bX:uJ5BgUfK5YX69cdlYo4kVW1Wk0PfTKou","tlshash":"7a921a4ab6a8b43d0b6721f2a13f920bf3712525390b50504269c9f43e79d8f961bf9e","first_seen":"2025-11-05T17:08:16.978573Z","last_seen":"2025-12-01T19:48:55.202606Z","times_seen":5695,"resource_available":true,"data":null}},"time_used":434,"timings":{"blocked":135,"dns":22,"connect":12,"send":0,"wait":162,"receive":0,"ssl":99},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-SCVH02FKWL\u0026cx=c\u0026gtm=4e5bj0h2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:36.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtag/js?id=G-SCVH02FKWL\u0026cx=c\u0026gtm=4e5bj0h2 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncross-origin-resource-policy: cross-origin\r\ndate: Thu, 27 Nov 2025 12:52:36 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: Google Tag Manager\r\ncontent-length: 1610\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T16:55:47.229708Z","times_seen":16084598,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-128685315-1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:35.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtag/js?id=UA-128685315-1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 27 Nov 2025 12:52:36 GMT\r\nexpires: Thu, 27 Nov 2025 12:52:36 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 110920\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":318848,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"49d950be4f8ef368a4320c0b9ce89ea4","sha1":"140b71f33f69cb649ce41c72b82a10efc69d43f8","sha256":"c2a1d88fb2f123c9d9539ce5c561ca62468902659080efbbb858c50c9d9959f8","sha512":"d729529c7b676155e8c30d732f559388cd8f228bbf0df8dad8f0948f569a27af7742ede71c2a111552881c5bd656ddccafa3235616d03cb3b6d00411ae1b9ba7","ssdeep":"6144:pxWgftyDUI23Yu0IVW66O7GQUO7LcUUfecq:poIoUHYuGO7bht","tlshash":"d56409cd73da74228393a474503f018ba27b69d2f84cc895f186d9d52e70aaa4277f3d","first_seen":"2025-11-27T12:53:02.619101Z","last_seen":"2025-11-27T21:24:12.934724Z","times_seen":3,"resource_available":true,"data":null}},"time_used":229,"timings":{"blocked":88,"dns":0,"connect":8,"send":0,"wait":29,"receive":25,"ssl":77},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.steadycash.net/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/environments/steadycash.net/env.json","fqdn":"assets.steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"35.227.250.112","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:35.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"steadycash.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 14:25:23 GMT","end":"Thu, 01 Jan 2026 14:25:22 GMT"},"fingerprint":{"sha1":"A7:2F:CC:18:46:B0:A9:E8:F7:BB:83:1A:BF:5B:01:1D:94:1C:57:28","sha256":"8D:BB:2E:22:C0:B0:1D:13:C3:8B:FF:38:8A:6D:A3:92:E9:08:94:A2:4D:EA:A3:DC:82:9B:55:EB:0D:5C:06:16"}}},"request":{"raw":"GET /t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/environments/steadycash.net/env.json HTTP/1.1\r\nHost: assets.steadycash.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://steadycash.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AOCedOH4m1Y2Ba1DZHsvFwFYnnqZrONomxEpOdIT54DQyk9921h7GHdwzaEhRUVLsm6W3RyOemjKUjo\r\nx-goog-generation: 1763488262818615\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: gzip\r\nx-goog-stored-content-length: 293\r\ncontent-encoding: gzip\r\nx-goog-hash: crc32c=XpEZNQ==, md5=q0rPSPWjaSp9elaPXhv11g==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccept-ranges: bytes\r\ncontent-length: 293\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ndate: Tue, 18 Nov 2025 22:07:31 GMT\r\nexpires: Wed, 18 Nov 2026 22:07:31 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 17:51:02 GMT\r\netag: \"ab4acf48f5a3692a7d7a568f5e1bf5d6\"\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nage: 744304\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":607,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6b876f37ee56fc88a1184645eb39345b","sha1":"96c7f04c8767ab48f4d1fc2605f8667a68109f73","sha256":"d6fecc7bd737ca7afb9be1a16c8822a45daab90dd30546bdd7c436b444510752","sha512":"11bec1e7c6e8bb94596041edd7e24c54f6559157b4c8508e933d5435815aca30363f4ef39e2ba9334127925793a97c3014f39b0cb9f9863839aa72a20c0247a7","ssdeep":"","tlshash":"f9f0fcb8d12c1c5307c4546884ef0282a469ec07c7447d7675cf4b4d4f5ea39687a35a","first_seen":"2025-08-04T00:29:01.695449Z","last_seen":"2026-05-10T22:20:44.832383Z","times_seen":420,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"assets.steadycash.net/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/1130.06f613c93ccd4b7e.js","fqdn":"assets.steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"35.227.250.112","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:35.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"steadycash.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 14:25:23 GMT","end":"Thu, 01 Jan 2026 14:25:22 GMT"},"fingerprint":{"sha1":"A7:2F:CC:18:46:B0:A9:E8:F7:BB:83:1A:BF:5B:01:1D:94:1C:57:28","sha256":"8D:BB:2E:22:C0:B0:1D:13:C3:8B:FF:38:8A:6D:A3:92:E9:08:94:A2:4D:EA:A3:DC:82:9B:55:EB:0D:5C:06:16"}}},"request":{"raw":"GET /t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/1130.06f613c93ccd4b7e.js HTTP/1.1\r\nHost: assets.steadycash.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://steadycash.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-guploader-uploadid: AOCedOE5jYDQBIk6l3bptAY9NdVpAd8Y8OfVECpWIuYaAQfSA57UJ1Bi2Rm7u1APYHqSRROZ8ERF7aY\r\nx-goog-generation: 1763488178031117\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: gzip\r\nx-goog-stored-content-length: 19241\r\ncontent-encoding: gzip\r\nx-goog-hash: crc32c=LkS/hw==, md5=Bpv/ML5MUy/BRv2GHYyTBg==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccept-ranges: bytes\r\ncontent-length: 19241\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ndate: Thu, 20 Nov 2025 19:13:28 GMT\r\nexpires: Fri, 20 Nov 2026 19:13:28 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 17:49:38 GMT\r\netag: \"069bff30be4c532fc146fd861d8c9306\"\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 581947\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":80782,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9415c83e1380f3452354f9527f95e063","sha1":"b6f04c6a344168b18785b3c39aa3d2f6081990e2","sha256":"481dfa3af02c9b1ceded5a1f36f9b786603acaa8feccc5a7ae20b145b2acbee7","sha512":"0de60d8cc478c63e79802f8bf77780c2d4a7c344f9293705a5218489e080bb5d2e232ba573f37e4dd67c04f2f90594bdcc8400f37eb558368c42ecfb3c421a4d","ssdeep":"768:YHCEAU59uZkVEF8uqsah5QDT4qgWdE+u9ZOUR64ivtdghODCDODxRiiSd4SDddDW:zzkP3spilOFFAD/id8PFh+","tlshash":"9c835b5795e123f893e310b8e67baa01626c6d04b90a40d8f66ccd9d33dcda85277b3d","first_seen":"2025-11-11T16:14:52.52373Z","last_seen":"2025-12-13T14:51:29.352506Z","times_seen":1451,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"steadycash.net/api/v1/userApplication/pageView?pageId=bd8f2b48-7059-48ba-a64e-565b3f6449fb","fqdn":"steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"34.121.35.39","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:36.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"steadycash.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 14:25:23 GMT","end":"Thu, 01 Jan 2026 14:25:22 GMT"},"fingerprint":{"sha1":"A7:2F:CC:18:46:B0:A9:E8:F7:BB:83:1A:BF:5B:01:1D:94:1C:57:28","sha256":"8D:BB:2E:22:C0:B0:1D:13:C3:8B:FF:38:8A:6D:A3:92:E9:08:94:A2:4D:EA:A3:DC:82:9B:55:EB:0D:5C:06:16"}}},"request":{"raw":"POST /api/v1/userApplication/pageView?pageId=bd8f2b48-7059-48ba-a64e-565b3f6449fb HTTP/1.1\r\nHost: steadycash.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://steadycash.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nCookie: Authorization=AAHFPkcoFrZnbx7O6eJqQJ9kZlpcUEQ23w0F9lKXN9KFXfKYgSzxCdbiD9Io9FAq8SE=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/1.1 200 \r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\ncontent-length: 0\r\ndate: Thu, 27 Nov 2025 12:52:36 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T16:55:47.229708Z","times_seen":16084598,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"res.cloudinary.com/dbtcg826q/image/upload/q_auto,f_auto/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/shared/defaultImages/ssl","fqdn":"res.cloudinary.com","domain":"cloudinary.com","tld":"com"},"ip":{"addr":"104.16.78.6","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:36.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudinary.com","organization":"Cloudinary Ltd"},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 24 Apr 2025 13:45:55 GMT","end":"Tue, 26 May 2026 13:45:55 GMT"},"fingerprint":{"sha1":"8C:61:DB:F4:59:AA:B3:DB:D3:12:E2:66:0A:25:C6:AB:C2:AD:20:6D","sha256":"72:8C:8C:F1:15:FA:11:D0:30:77:C3:1F:DA:FD:AB:28:E6:81:ED:68:D1:8B:B8:E3:EB:B6:58:30:DD:87:8B:C3"}}},"request":{"raw":"GET /dbtcg826q/image/upload/q_auto,f_auto/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/shared/defaultImages/ssl HTTP/1.1\r\nHost: res.cloudinary.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 27 Nov 2025 12:52:36 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6402\r\nserver: cloudflare\r\ncf-ray: 9a51c37e49bd0b69-OSL\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: private, no-transform, max-age=2592000\r\ncontent-disposition: inline; filename=\"ssl.webp\"\r\netag: \"cd6f0641ba0a21ade2f8eff4ccca7224\"\r\nlast-modified: Tue, 18 Nov 2025 21:01:16 GMT\r\nstrict-transport-security: max-age=604800\r\nvary: Accept,User-Agent,Save-Data, Accept-Encoding\r\naccess-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options\r\nserver-timing: cld-cloudflare;dur=12;start=2025-11-27T12:52:36.212Z;desc=hit,rtt;dur=1,content-info;desc=\"width=800,height=358,bytes=6402,format=\"webp\",owidth=800,oheight=358,obytes=17609,oformat=\"png\",crt=1763499675,ocrt=1763488213,ef=(1,11,13,17);\"\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-request-id: 52ceb4e363b0c7bee9a56d431b0ce099\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6402,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"cd6f0641ba0a21ade2f8eff4ccca7224","sha1":"24c574d11879cd467317515085b9b70fe22bcccc","sha256":"abf14bb4dca5ed50dbb3a0e8254fd80e67bdd1574337750ee3fc285df572541d","sha512":"aa9d0f1efd97f3003acfdfc011cb3b2d8b64d409b74a4e12fbf36d5881da8c70fd4e13454d5ba7e12656899a817af07dd8af57002c9789046709355c9cbf9493","ssdeep":"96:Ec7+YUaumddgSz2DXHURiv66/OGcljnVYEdmkr/xgLUuhCy6nz/AgoefQ/MF+p2V:D7+Y+SiHURimGchb5Kwun0AgoefduM","tlshash":"0dd18d290188bd7ac738bf94601a55dc1225cbe52aa1508b9a9fe134cffaf0c56b7a44","first_seen":"2023-05-29T15:16:41Z","last_seen":"2026-06-03T08:52:48.233674Z","times_seen":5202,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"res.cloudinary.com/dbtcg826q/image/upload/w_2000,h_1340,q_auto,f_auto/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/environments//steadycash.net/images/bg","fqdn":"res.cloudinary.com","domain":"cloudinary.com","tld":"com"},"ip":{"addr":"104.16.78.6","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:36.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudinary.com","organization":"Cloudinary Ltd"},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 24 Apr 2025 13:45:55 GMT","end":"Tue, 26 May 2026 13:45:55 GMT"},"fingerprint":{"sha1":"8C:61:DB:F4:59:AA:B3:DB:D3:12:E2:66:0A:25:C6:AB:C2:AD:20:6D","sha256":"72:8C:8C:F1:15:FA:11:D0:30:77:C3:1F:DA:FD:AB:28:E6:81:ED:68:D1:8B:B8:E3:EB:B6:58:30:DD:87:8B:C3"}}},"request":{"raw":"GET /dbtcg826q/image/upload/w_2000,h_1340,q_auto,f_auto/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/environments//steadycash.net/images/bg HTTP/1.1\r\nHost: res.cloudinary.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://assets.steadycash.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 27 Nov 2025 12:52:36 GMT\r\ncontent-type: image/webp\r\ncontent-length: 233914\r\nserver: cloudflare\r\ncf-ray: 9a51c37f0a470b69-OSL\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: private, no-transform, max-age=2592000\r\ncontent-disposition: inline; filename=\"bg.webp\"\r\netag: \"f48fc08b4356c7a0373bf58072d4cfac\"\r\nlast-modified: Tue, 18 Nov 2025 21:04:36 GMT\r\nstrict-transport-security: max-age=604800\r\nvary: Accept,User-Agent,Save-Data, Accept-Encoding\r\naccess-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options\r\nserver-timing: cld-cloudflare;dur=19;start=2025-11-27T12:52:36.333Z;desc=hit,rtt;dur=1,content-info;desc=\"width=2000,height=1340,bytes=233914,format=\"webp\",owidth=3000,oheight=2010,obytes=3919659,oformat=\"jpg\",crt=1763499875,ocrt=1763488263,ef=(1,11,13,17,97);\"\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-request-id: 9d8971e1553df9ddc9fa386ff3213a7c\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":233914,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2000x1340, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f48fc08b4356c7a0373bf58072d4cfac","sha1":"a8a5c44f25e6c14a7574a710dac8f00aefbd1bb6","sha256":"2e916c985919bc17bc420afc911ac0e2ac65933c3efcfb738f96bb75fe6b94b4","sha512":"9b2fffba4683e7294c9a2cd82814923b9e29e8b3f74f21ab4ac968b77cee918399ef72a39e630f2fbbc44ddac531162ce4421ce592162e5b1d2b8559523438ee","ssdeep":"3072:nEEJgVbtQ4nO9Y9VbWX9mAwsMG8d5yN/+NSkBYS1zpGZ5jZQ8jC243zrRqY:nEDFffamAwsMjZ1EZpYrQY","tlshash":"9834231ec35f16c9a42db93ebd3384f14c955d12b90a231b4a0c63799b167e83accf64","first_seen":"2024-08-20T11:12:13.433902Z","last_seen":"2026-05-10T22:20:44.836398Z","times_seen":421,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.steadycash.net/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/main.a90ee03cbacb6f13.js","fqdn":"assets.steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"35.227.250.112","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:35.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"steadycash.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 14:25:23 GMT","end":"Thu, 01 Jan 2026 14:25:22 GMT"},"fingerprint":{"sha1":"A7:2F:CC:18:46:B0:A9:E8:F7:BB:83:1A:BF:5B:01:1D:94:1C:57:28","sha256":"8D:BB:2E:22:C0:B0:1D:13:C3:8B:FF:38:8A:6D:A3:92:E9:08:94:A2:4D:EA:A3:DC:82:9B:55:EB:0D:5C:06:16"}}},"request":{"raw":"GET /t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/main.a90ee03cbacb6f13.js HTTP/1.1\r\nHost: assets.steadycash.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://steadycash.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AOCedOG2xRI29qVzpYqnHPV_tDqheJSTdktNJE0Tr2g8B_y_iQqRWtBcjLoFjr7TMm1hwrMAribXBfw\r\nx-goog-generation: 1763488177214548\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: gzip\r\nx-goog-stored-content-length: 252092\r\ncontent-encoding: gzip\r\nx-goog-hash: crc32c=kw9W1w==, md5=zYQOhIfLc8G2QtUblZlwOQ==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccept-ranges: bytes\r\ncontent-length: 252092\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ndate: Mon, 24 Nov 2025 01:04:02 GMT\r\nexpires: Tue, 24 Nov 2026 01:04:02 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 17:49:37 GMT\r\netag: \"cd840e8487cb73c1b642d51b95997039\"\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 301713\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":885472,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3897b1fd9bad0ac1ab4666cb13b864bd","sha1":"679e40583e433d9ade3b5079b00a56f0e2b781db","sha256":"211e271255ee09cc1f8ec41713c56f1ab23162ff20cbd1025595ce586749f5d5","sha512":"2a8ca6c9acb901458f7650af0057fb842328ab629457c5d693eb2799d3c3c6000199db8d8f916fa317c90af1b9cb767b16974c0d28a5bf239de904295cc5dba5","ssdeep":"24576:eO29baK7VEeQE1hKzX7fgz9egUkk8nqShk8cP7qysORsTY8aq9xu5pHOc5clFMnf:Oeg3k8nqShk8cP7qysORsTY8aq9xu5pR","tlshash":"7b154ad67295702647d700e6517b4543f22d2844790984acfaaccdee3bb8d48a3bbb7c","first_seen":"2025-11-18T21:08:28.415339Z","last_seen":"2025-12-13T14:51:29.334152Z","times_seen":1366,"resource_available":true,"data":null}},"time_used":284,"timings":{"blocked":111,"dns":48,"connect":29,"send":0,"wait":14,"receive":42,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"res.cloudinary.com/dbtcg826q/image/upload/q_auto,f_auto/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/environments/steadycash.net/images/logo","fqdn":"res.cloudinary.com","domain":"cloudinary.com","tld":"com"},"ip":{"addr":"104.16.78.6","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:36.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudinary.com","organization":"Cloudinary Ltd"},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 24 Apr 2025 13:45:55 GMT","end":"Tue, 26 May 2026 13:45:55 GMT"},"fingerprint":{"sha1":"8C:61:DB:F4:59:AA:B3:DB:D3:12:E2:66:0A:25:C6:AB:C2:AD:20:6D","sha256":"72:8C:8C:F1:15:FA:11:D0:30:77:C3:1F:DA:FD:AB:28:E6:81:ED:68:D1:8B:B8:E3:EB:B6:58:30:DD:87:8B:C3"}}},"request":{"raw":"GET /dbtcg826q/image/upload/q_auto,f_auto/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/environments/steadycash.net/images/logo HTTP/1.1\r\nHost: res.cloudinary.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 27 Nov 2025 12:52:36 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6470\r\nserver: cloudflare\r\ncf-ray: 9a51c37e29a40b69-OSL\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: private, no-transform, max-age=2592000\r\ncontent-disposition: inline; filename=\"logo.webp\"\r\netag: \"0c323fe9cf80eb551b41e01d81832e84\"\r\nlast-modified: Tue, 18 Nov 2025 21:01:16 GMT\r\nstrict-transport-security: max-age=604800\r\nvary: Accept,User-Agent,Save-Data, Accept-Encoding\r\naccess-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options\r\nserver-timing: cld-cloudflare;dur=16;start=2025-11-27T12:52:36.214Z;desc=hit,rtt;dur=1,content-info;desc=\"width=950,height=139,bytes=6470,format=\"webp\",owidth=950,oheight=139,obytes=25085,oformat=\"png\",crt=1763499675,ocrt=1763488264,ef=(1,11,13,17);\"\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-request-id: 6365655055e83a1bf239f42c34ea93d1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6470,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0c323fe9cf80eb551b41e01d81832e84","sha1":"d4ce20c0fcbe2b7a018af0e6a4ef14970400a392","sha256":"d4f59e5b0a4cffff5e65fa5c15c017ff52d6db2b0dcedd7d14b2a708e25cf775","sha512":"c65860ab6dd58544fd7bdd5b640b8ea9e26e0c25ca05d65ef72ace4968b11dbc1fbe60bbaa922e6f80e29dbb015864c3ee09a871e22642a278d0227a4e86f416","ssdeep":"192:D08AquaCEoPQE47ibDMLY8FrV8v+kBAeLlJd5:K9EoIjGDMUzJ1","tlshash":"ecd17d889a3ca51c5ef56d4a0bc711f561164b0a9bf145bb252165b3bcc68d39acf200","first_seen":"2024-08-20T11:12:13.426257Z","last_seen":"2026-05-10T22:20:44.835943Z","times_seen":421,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":21,"dns":6,"connect":1,"send":0,"wait":48,"receive":1,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"res.cloudinary.com/dbtcg826q/image/upload/q_auto,f_auto/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/environments//steadycash.net/images/fastapproval","fqdn":"res.cloudinary.com","domain":"cloudinary.com","tld":"com"},"ip":{"addr":"104.16.78.6","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:36.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudinary.com","organization":"Cloudinary Ltd"},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 24 Apr 2025 13:45:55 GMT","end":"Tue, 26 May 2026 13:45:55 GMT"},"fingerprint":{"sha1":"8C:61:DB:F4:59:AA:B3:DB:D3:12:E2:66:0A:25:C6:AB:C2:AD:20:6D","sha256":"72:8C:8C:F1:15:FA:11:D0:30:77:C3:1F:DA:FD:AB:28:E6:81:ED:68:D1:8B:B8:E3:EB:B6:58:30:DD:87:8B:C3"}}},"request":{"raw":"GET /dbtcg826q/image/upload/q_auto,f_auto/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/environments//steadycash.net/images/fastapproval HTTP/1.1\r\nHost: res.cloudinary.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://assets.steadycash.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 27 Nov 2025 12:52:36 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5828\r\nserver: cloudflare\r\ncf-ray: 9a51c37f0a4b0b69-OSL\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: private, no-transform, max-age=2592000\r\ncontent-disposition: inline; filename=\"fastapproval.webp\"\r\netag: \"81c49f391476deb5c7922496f5b3ff1e\"\r\nlast-modified: Tue, 18 Nov 2025 21:04:35 GMT\r\nstrict-transport-security: max-age=604800\r\nvary: Accept,User-Agent,Save-Data, Accept-Encoding\r\naccess-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options\r\nserver-timing: cld-cloudflare;dur=17;start=2025-11-27T12:52:36.333Z;desc=hit,rtt;dur=1,content-info;desc=\"width=400,height=400,bytes=5828,format=\"webp\",owidth=400,oheight=400,obytes=23392,oformat=\"png\",crt=1763499874,ocrt=1763488264,ef=(1,11,13,17);\"\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-request-id: 79fb88dbb053dc9636c794c70a740cd1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5828,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"81c49f391476deb5c7922496f5b3ff1e","sha1":"5445bdaaa3dcdcd3efea26a0a1535eebfabd8102","sha256":"ee14d840433e961466aa89f5fe5094aaf52512c6a0786afa9b895c40ee157ae5","sha512":"49a64524f29d4f34fd4bd110bb0456dcae606366d395797b512831f8798c1cb4f0fc268bbef98ae9577edc261648751b01aa8deaf3959bc0bfdd06fd5c492022","ssdeep":"96:HbLsUUT25j6/M/HU4molNlvOizzWyNw7cnuPQwZVNpsjRgU1amLLU:7Ls/I2MvUNINlvBzSyNUqAfnHsjRjjLU","tlshash":"3bc19fb46c311d3e3a8a66c96c8ed6041c5fdd2288e14aef180b6a281d3157aedde875","first_seen":"2024-08-20T11:12:13.431266Z","last_seen":"2026-05-10T22:20:44.826683Z","times_seen":421,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:36.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:57 GMT","end":"Mon, 19 Jan 2026 08:34:56 GMT"},"fingerprint":{"sha1":"A9:72:6E:D8:AB:26:CE:26:35:A4:39:55:24:08:04:0F:24:56:E8:8C","sha256":"65:84:7B:FE:24:02:CE:3E:DB:6E:1C:6B:B8:FC:99:F5:A5:65:83:F1:66:75:ED:20:20:63:06:ED:27:8A:82:FE"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://steadycash.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37756\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 25 Nov 2025 21:43:03 GMT\r\nexpires: Wed, 25 Nov 2026 21:43:03 GMT\r\ncache-control: public, max-age=31536000\r\nage: 140973\r\nlast-modified: Thu, 04 Sep 2025 17:09:21 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37756,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37756, version 1.0","md5":"8a6a885dd57e60ddd85f3190737fa209","sha1":"dbca56b7fe8ee5e4bfb648d639fc6a3bfc5c6e85","sha256":"b9b102f608e8252e3c1e7287309832b16af7dcc6e788651fa503a3faacd7fb2f","sha512":"2bd785869777dc57dbb5934d4c6915b66f89746dd79897820eb4bbd0d262b2612bafdfb07c1e092658ad819f582a97e6a196531f74187d8a0b0bbd07fcbba56a","ssdeep":"768:sqRKhgpCf9U72WeD4A/5IqtBr0ikGvEaQh38/LBu3Emdc043RpgZKMqjkEfO1m:jKgp+9U7Ve8A/7Ai9Et3EBKEUE3RqMMu","tlshash":"3e030130df5884edcc0ba371fdeea81fc7a332a594c0b3368297af1b80111499d99e49","first_seen":"2025-09-05T00:25:10.258656Z","last_seen":"2026-06-03T16:57:04.343675Z","times_seen":505989,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.trustedform.com/certs/1696ae88a50d02fec31931002c5758172009ddae/snapshot","fqdn":"api.trustedform.com","domain":"trustedform.com","tld":"com"},"ip":{"addr":"54.160.9.121","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:37.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trustedform.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 08 Jun 2025 00:00:00 GMT","end":"Sun, 05 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:AB:43:B1:B0:8A:50:79:5D:75:F8:50:2E:87:D1:61:C3:A5:FC:9E","sha256":"09:8E:30:0B:F3:24:44:6F:55:46:4A:1B:16:24:36:37:D9:D0:35:CF:AA:A7:BE:E0:F9:A9:69:8B:64:53:7F:D3"}}},"request":{"raw":"POST /certs/1696ae88a50d02fec31931002c5758172009ddae/snapshot HTTP/1.1\r\nHost: api.trustedform.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain\r\nContent-Length: 20643\r\nOrigin: https://steadycash.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":20643,"data":"{\"body\":\"eJztff2S20aS56vg5J1ZabdBEV/8aIVvV5YlS7eSZVs98sysJxwgCTZhkQSHAPtDE4q4R7m4/+419lHuSe6XWQWgCiiAILtb7vGNre4mC4WqrMysrKzMrKy/PYhnD06dkwfZg9PxyYPpg9P/FEUuFzn9kwfrB6cPFtlq+eDTiXjkiUdqbb9eFNSLBlyE1y/Q5LssCmfX1rMwXTz49BfRTRZny6joZ5i3QI9WURY+OHkQojFAk23s6K+7+AIlz5J1Fq0z++x6E+HrVHzFpyy6yh4T4E+s6SLcplH25R/OXtijB3/JOxg1dbAOV9TWRRxdbpItNVY2exnPssWXs+ginkY2fzmx4nWcxeHSTqfhMvrSObFW4VW82q3ygrJL4Li1y/MkOV9GdhpnkX0RbeN5PA2zOFlrIKz/nPzJ+ebNN2f/4X/4/r3z/uXPT//448t45QyvI/fbt99+u5z+Yg+/iv4j8cueiZRl15Mwpe4EOrfRHJ8Jq+np48cpE2YKuvTWUfZYaUGwiWwhnW7jDUHDbWQC+4zzX8KLsHyaXq+n+It/6ZY+5N1cXl725GjDdbi8zuJp2psmq8flt19SpXPJkLfdeRaer9DjebTlzs/x/fEv6b/Fsy+/sf/sPH/z/ehs1P/+99OrL6e/P89WX/pRMPmlv3AVyIr58Pkge/fs/cu+++I/fnzdClkxLRXIioeGCepoMzS9OD9dJ9nD022SZI96+GrH62W8jmx7Hlp/+2ltWQl4dL5MLk+tiziNJ8voyU/rTz+tf1oba8/idLMMr08xX/jBZJlMP+ANy5qDt8H0HyN6tgDfZ1y8iOLzRXZqOdGKv5u6sywUgl0w/cJlfL4+tex+z3EDfgWwVCDpzUN7eS7gMbzotr54aTviTZ73p1a/1x/secGtvNAO2aXtVeuPhu0v+JUX9rQfVKp7+wAaVF/YA8+wUt/f98Ko8kJ77XG19j4COP3KG3tfqNJ4sI8ETpXI++pXiTzaRwSnSuW9IFXpPN5HBkcntJhyjZV1Kjv754Gjk9nZOxEcndJ4Yd+YXZ3STvtU2OyWS3sZzTPx0ircnsdreysEDthcihzZWLjLkvam+E2tLWr80KYmyXYWbUUzhfRrnRLLWBu121J1ftmIINSntsLraJtaeNMovydJliUrDImHI4fHn8WIi7FZ1iaBCgO9BUWTNFnuMiGqc/TylyzZiI/V/vcsFtVVoexrGy2hLV2IvmjRzSX7FIpTtN23WhiYfz9S7Mto8iHO7GwbrtN5sl3ZCUZJyBCdqn3n/+2vW0GJPU129OTEUspogPtw1UAHI26qfZbtC1IH/d+VdMu/1IZ/KkYHQkQPbdQ6sej3I/P42yp/VsRKBg+nH863KJmhfJlsT60v5nM38ELuRMxNexvO4l1asl8O5yS5IhUmXp+f5lVRpIHXUqXsb64zuZz8IAJRtiiW0+5KbEFAD1lrBcFTzO+8sNSbFvFsFq0Fa4SzGUNS6AzV+UlMUr4aLZfxJo1Tfe4aOYC3PQ+p3Ua6V6s0UxtdCbj2UFqtV6WykFyqjNZlWV0uFZLsrocnAOk0wkrVhkGWa1qzvJbjLQb5qwyZAOo2YlmzJqCSjUpS8+Ly98GgNJSScHtJ9fkG1oFISrVyWHKLpWzsnJ5X/GcSaYXabFyj+4PBUFdWrqSioHShat6iUroyVFIUSVHLuapDq9dw6zUKTUvU8Oo1xDCLGn69hq/XCOo1KpAO6jUGeo1hvUYFcaN6jZFeY1yvMa5grG9AWV+vk6ubDYpYoxa6W8pZEKdoOruGhYjsKKfWOlkL9UVTsN1imZMrWq54lyocWvzvaE40a1QXS8aVtUQbtiDyYXpURRevsHlp3yj6VJV+8RmzNFnGMzIwgDTWF1Ek+quoIFBd9aHzYo4XxJJOzyu4rex6sLKHgKk6e6sbGlmtKry0Bk+4KDWUbQ1lS0PZpPO2TJBVh7Tav1JYAqAUlhAohSUI+7ZzpYTZxGt9JxCu4xUbbU+t/Lmbgu5zMhNHzA2hrrZ2fUMlUBrt7dVR2oBVd5M+HOmrQvd3uOd/z/v6EF3PtzBYp8VrDEr/d+KvcWXaJhlp+f1ZdK4DoS1OtVro2IJk6dK0N+jWuFoPzYuh/daGRFwiHtpjaRexV6k9j5cQUqfWTw822+Q8np1+/cdXK9iYz/Ime2/i6TZJk3nW+ypM4yk/fcgtgU++dB799KBJ95CwjOsgt1QqWFoC64xuEVp3P7TorwO4Za0qvO7wFuH19sOL/jrAW9YqV2Ps3uwFdLaPWLFDucTeBtB9uLvi7TbZtjKH0Dpt+MacPZppUUcHPdcJb5E7DgAcMNn7AC/q6IBjDwMXoYEE92RohO+9Yysr8eDYJcRjKmQMFtBaKaaNqRjcqRVX8FJ/liOo/oSQq6+DOeoKZTH/r/KgXMAzWH262hzr+qBmc8wVv9Jiq/SBbYbQMuTXfE9xt2bVuhk4B6ZiZa6YQNut5/oIqthpQkO8BiVzxUW3eElgt3ayXl7rqrAY1hTkJmxPs4eQOPKf4NpiCBthS8vRZucFe+xfbajN0cEtaUDa82S6S0N4IU/DKXEAJnn9EX+SA+YRFLTMoS4KcrAFPGZfZwklKIA5YXYs1P2vrDRuoe1tJXIxG5ZoOtw+pOf5M2H2PLGmu+0W25ln9E3gONmE0zjD1BCWx+JrrQX5RJPhBmDSCPEMsyZwiqcdAIKLsQGkspUCKFRuAouhugw3eeU6zj5PlxXM3CbiV2H6QR0WiaOmKkYCTZaY9sqMnu2b1UVoD+/jTWER01SN8tBifgDUh/wViFmKlaBW0kUUcYBPpRUEUeiRLGGKoJ+0VwloyYaPJ340BoC+PRk7E9t3+kN7Mhj7dugNp9NZNJuMBv3HWAyyx7NrBObE08cpIoiiWU8HVosfuk/Aam1UgNYikPRolRsFpfzhKfzgo8Eo8JzAViKeXC3uqBKE4hYhRUrkmYj0kUEovRR2EARELZJLSNXt6j9/Xp/LSCg7vgjtqdMf/+Vv6hadxaBmN5Alua8ELpKHXtDfXJ1gE3ZxadmWjy+PnointDF7UnMEMT/r1hc5AckSqj2gZelTFeweGGiWXJqhZ7cQP1cbFSVoDf87WH8sFz/b80lYrn8IrniEvtZkhRIdTrJ1Ux8q7M5gcwUYU4SsRRCtEBt2vDpvwu1VbrwKAtNrPQAdh+ts7+sDfn0RLTd2jIrm+rkRT5AObzzJS0ixoe+5ljZfRldP6Jc9i0kvoGVxm1zmtKfqiAnQuuxtwLoQWPOklY/4VYehzZJkmcWb15jd3Vjv0xcELgETLl+hozPRQDuScl1khOFJhutPA3/QN3DizImmc6fCjEO8KPUlYhNhPfzCGYbuZPSkNPOQ3Qj9fAO9gixMEaIAgQ072WWF1eeTYgpRqv8NztksUVmV+RLozbvxZ5/gu63WIALkNcbjHGo5FLc/HY+Hnz71phCu0N3TabKFsZcUJzOeyina+R3azczMrSnWW2G8/dTjmXe5DTebaNtlIjULAXDPoxrr5t+lyk8c9kU2frFHrqm9rJJJDIO4eCBETTa2ma2X4Zoa34c5laW20SaCZXedyE/qM/DMeYRH66gTWooXNZxUuPfE2q2xzD369O8rEC+0Hiruan9EUvhv3YaTT5j+p94vuxXQuW2SJy2jvc1x0QLx6L/FK4oXxjTvRFYhYSCyIU6XEGDmyqWHheorXZiQOBxAhACJ7UiBNwTLN/ba0Poaxl0g+HdW8DtjV+MxJE1XeqkTt8sLmLWHEYd39YrsEXy7hzfU6ckrBZYKWkXJ87SXm8r5odCkY4+nfblK4YNR1/jEK1UD94AGckUlBWbRuiCiyd1q/QlIBOcmkHF7Fz5exMpxwGjToLbkI1CHT2wyhapsh7MLFBCZAd10maS7bcNwCpSQyPzUg9eXbF7bKKXgnFYe1cb9yy7N4jltGLmalOiFxBVbHDnllD72SstSbxz1wSJPJOY9VixUYCdhA5jKBParL2EX30TmLqPjxcvGqr1K8yIBq+fB227SY6Mp/Z/rCqRWCl1B7Oxy3aMPttTWOQK8kAFl1NFwAMWjLgPalZ29cyicwPgBdl0S1K0cUJsKesGs2+QomX2fKsuThK2CRLkt6LAMV5uH3jZanQwvFidDfDAo/3sVZIFOWDinD/M9CTGYuqDIxSpXvNvb1AZtYJLzcHPqANZ8ejBnsq6Wa89yvnBRjVm+mE5zFsoZBBsKkyQbzsP59BDQIfjTTdggPWWrQ9iVx4MDW+2VW5bGvYds3x9NJsPRE2Xe0napYsootrCG41CuOHihb2EX2JQDX80L2rAb3VzQLWcx0aa5rWKBUXQl9a0WhOFtTSqznp8TXOquCjdEs7k7H0p6/HUXQVQZMYxmS5y6tNfhr5divvoQOgaNvDPyCpWhHQKli21EjgXsJMKtaYeAynWO7vdDhGToUqXLVgzbOdcfF7SgwWubGYDQTpB9G0FZeNSWrwfjEwXbNMwM9M5eoFM3XyDm/XDsO7msYIGo2V3y1ZZZVTSOgTXYGNC8QMVQWV/5s45YCjluUJbKLoi85j4UQ46cGgyxFjREfN6BGMRqB3QptvKfehfxNttRVFvxqlm3qgoCg42jqg/waqRaPkjRKegjZyzrPnjbDEg7++lN0eKkrE2/gsmgSRobTrW52qk2qF+Y9NDW1iatYjAwzbT5PHLDfgdVQucmdcdfmLNI/yMAgKyUVKYmkUaQ7Ddr5q2J4TStB9SWKmqHELX50ALf8wZPLhd04hQr75TUMYJJ7wuSDDtV0UkbxIpMa6JQYeJXKCQs6TmF1uGFSZkeeFU2rGqp/Sewj3zULTHMUvj/SRmnb3j6qbdMzutGQdFlYcDEuEqSEjHFqwJeG39MDXDoYcOD0NhjrobM6X+xRs5h2F9en76MlhcRucJV5cSrLKRevpCWXvwdEQwOgai+wj6pBNuu4CFdYkm45UFJH6m6Zf/i+dfPvee3jz/hc82xiGjj2+9hQd5Zw1jyWXWTTk1myWMA7yXLFvTAeXCrjdYwIgwwEgdZcg7nkXG0UlXqWJ1WXtJSjLttbk6hydce/S/1LBci7AnPCOFAD5dLq+emXfqEtYzi85u6LKdZeZgJc/JRHozlBxyLVQucd2Bbw09HCMS8bAQi9wuX06m9OXlY5Ngx2W2DGtcGBWvjchlu0qiuZx+E4DyWkpxeh7XfEX3OwQ13RmQddrmpMSmB9GqubrBvo3iJlIH91e0pjmtBR6G47ap5ZX1+RYoND8uMDBl6Yl9LHaOwwiDoahc3okIbVsvyjUVXetcW4Wqy28KbbKxd7go+hfuGj/5NuwtqxqDht/Z7AjF3BLJvdx09XWcLO5nzyYeHg0dCXB/V0DLEzk62VMCtidsWgmnjVD3kusXqd9a/CoNVpc1eCr5bIouJef4UzZ9v41mDjXM/6SWfsOpXAmRbxDiPFPttQwX5UGqHrQ001qlio/5u7VmL9+aL/Qow8zJPIl1PF0WF8Uab9gcyjmA5+EIa1mGz7krbIkjR25tBTULslnVuAzhSbwCzt0/tlulTwn7kxNBlf8NoNe+arMrssAemEp86Ewkd4mCe2Gu9bJjgN1oO84VMW9V6cd2MpTbRwEzmtugLmfKb8dHOBKSy7ltyy3ZaNOUceja3tYHfurg34KDNw9uVz2mud+RVoVd05FV+3sSsUpO4EcOK1U3lWA5TqDEsl96BOnR76s3xu+k7VjiYadtn2iFMn5uJiY+U0kp8Tf9JEUUtg6hvaQlp2gYXbhO2ckpjJ/MnXnjVQEAxIwIOydvPM8WqdLyBQV/rIG/3bi6O54YDFtwOo98LR1UgN60mxw+ofPMzIqu0P+5TRhr1rVY1qsOqU32zfeum7TMaTcFFLHJpCvZEuLA0BX8hYlZeN0QKDVwgW9b5IYJVenltqqMZheYj+l8R4sY3lJ1O6T5tCKCh+sW858kuKr6LwmX6Q3L5TTLDUzNklQDB/NU30Xq3tx+Lf4lAFPHatyZ+w1uaEK3Y+rerEDNPvP8VTj5HBvZRmmCCfkEIBcwEthnM/JjKPL6KZk8+wiE4o32BCCxh2UweULGC0yfFL2o5ZKnLDTK9UUus4C2xR945oZLxyZhtITepdO38Y+KHDtgVftOS5SzY3LoSV75b9+S0Bgp2mQZDCpZv0xAljpnh93NPpz7HbPYx9em45IXpCLrjiHZ6K0zCZUs4UfkKq6YNEssznFfwtPMKTWsXXKhCQVONKKoniUMslPAIBOeoeSPg5+8Wtit8QmRo4P2gAYEeOVgfYU1phLQEY3xxaSSCnICd2kDCBBBgFqUfjOJC8XYzezSh3hBn4+lxNuTSMwX2l57UMu76SSGiigOc+kSShz8Vl7pmWRFa3WSH9ppCJNHtoW78fEfcPBKInmU4iZbm/iSz0HmWYjhiHNrCwa6QmiMQ4VEpnFebJOavioeR6mvMiOCf+n6sULqrUT1KUJ4MMcutYsJkceRo8TBeb3amgAWgghX+eElriDj0+UlUpl3Jl9zjX5pYRYVOG7dYLfPwEQqZY/9vK/wdey3YMT99uicwPPfoFwRqmelHs1PZg4h9v0pdhHiiOsIa5RMcN6STDkYhgawUt9Q9L6NdGKUliAUNKjwvAmbyWeEW4Y9NMYwaU1P8ROcQS9v+GcFWFMESb6fY6uSHo9ElPYs5pkJ/xmsBnsnS4qSyOM10QyycTiL4o+i0cveGesJ7b24vnGN0cLcLEfbTAyQc0GVPmG7AxIi4AIOfOo+rZ5corqvG/k9Y4uKJwRP5J84VCV/D7WBCrvuCxQ20eiT1VFlBJ8ojQ6zfdDILon1y4VD8akDWmSYHkv0MZkjho8mfGAYJv0Rz44+sx5aLoZqj73icdrqbkDpgPtGhz2Zi/eoiocX2VsP2aek1hEUkG+IZ+F5nxiB6cyxXNBuGYd7deOq7rlNd61TYBoAtn4AkJWi3ovNvL6Awxya1xRCQ5ukBaZRm6SmSdRgMFYExGqR44WvoVMaXNIVq4X2xTNbndBwJUevR5i0vaGbFDe8WPlqp49Ar74TOYqyvHpBV9tn9yHV8uNPpdc5OYtgZcG/5agsmKLxZ6J3j3arj4IxUL5thrwhp0fsa0f1t9ZnuyMSnwPos2Ri2ilXEtlMOArZlu4G2FBVIDOwdUros62uhUnesRMjSpqxU6ygcm7au6haCVosq8c8ukxbin1i1+jim3oFdWEFmU0TLyb59nKTtw8WS37Jz7cxYIsw756w86Lt91kl8u0igV2zTxCaAl+Di5Td8HPMQVtk7Z4WlvGW3/TlJKjSOLnx8sw17iXK5YW8Sp4boUU+PHqXT3Y1c5pdcRsopc1m+FgQz+l8TYtF87s1x0oTafBNuPyD20mRnQqumUOuW8eINZfovvLY2iQ79tnnVdcQsHzRbKFbvlim2HyzBHodipxJU1IKdvZanI6htom8XWG7G4CXBc4tUOEdOlZjyYRFElD7E9JY50MKn1eVmDciIzfLEX+OUa8kYcvj9NtPZupdtYfbAoSE6GkdZRJTvNu55QPLSobj7R8JDoqoAxy/yiSjXTxnMcr52YRDoTRovfsMEm0NfxYrnEsRF5hLfdNGV4aYr36Di+ULF08sMsssvcsgoZQa3SGAYdWAYdVCMWikT45Dy0bIKOs/4Ai0jKgYDQTycb+RkNayFylz6hhMHJdIC01VgAkE3AkDrVJ6dKDnk4IYqpy9u0JIA6agG9PMUZRN0WFtrvKE9nFkUDeLBIqHzW6ZeoLiQsQNbqRRNRjOFVgYmDQxMGhiYNDAw6cDApAMDkw60qYm4hkaEefpQUBUW73STIIj7IpLJ3CgRuPyEbN90jIN/kZ7Fmcmh+pBksWp4qIomtNzDSfUd1gukvWLJNJtk0/ORO/jrYz6p/Hi3gRd19vivP9MSdjLnP8flaIrWOISVrFcYa1q9co37Sh/TKEpiDcQsBiloEhXicKDd8XVjXK5m+SdkcC9wKbTcv3dUyoxcmowfCNFUYDWfgV2xqHjdLQCwe8l7M6WrPMvfgA5Id5MS5i7KeAYFesMEHhgm8MAwgQdiAkuhfMYBABb6is/53GhaagM4jt0VVpn/sIQQmT5V5eGApvJTHpTPkv4qber3EB7TZnkaQGlWv2HwmGbLswAlpYWLaF9TUpEqK8MsaEdXAAIsj+/IVy4ubKRyagGWgpI56twiAjooG584vXAU5xUhHvUJX2KtIpZuyN9KwwZFYmjQtIaGOTA0zIGhtku0XuI49KvM+jHZfkhLhaTzvD9kri/j9lbLIRvWVGTQrZeJCZAP5QdsAVLr99aLCH/uyVBGBj10ZNCnR5oH13rx9Pv7MwQDs40MzDYSzJYP4emMA7ToELT1dZH65t4MyrASjAxsh3zO6qDokl24KO7LKMYGpXJs4LixdjXrAcqRiNa8Z3qOyEH6eBbNw90yE6bPxylibmyAqyBHTKmDVZpKPlKs47BkLCMsQNsUhyXhpppGvWR7DmUq+UB5bexsEVHXcFKHy8e0iMHKw7vrn5FNiLOhikSo6yTZRGIfU2cLi4C/BdaQFXfUYdd1h/QdGaeZfxT3fjSvd2OzwthhvcPbzet1vlAXKzZAKCOjFfzUUlmbUpEXuaXJ4JdrDaJ+VZeo6RjHKAqVgPiyDYyuE1qw40V4Ww0tkihkudZ3xwUa2/fFZSZOEUeR0Cv5LqboRe+TO6tuqaus08wehgVibNBGxgY5PNY08m+izAr5enTrdQJdtLzHW7/Ie6s80fSCf0JNOHX/CQl4Yd3rxKlDTco6fYNIdfr6dddtanK1ObNgWvjtDZRol9nF3u0mwgWoWwib7SQN7YhGLJFRU1zlJC1czfR1+pX5X5QbCA+Zbio0kB4cq5LuWbJbzqzrZGftIAlCbLzDtbXbYCuUk/PfSvS5x5C2vA1eAaJywfsBpJW3s//6pJVRhoiuUEnckbbyJvfqKGRb+Q5ln9BBX9uQ4aE7/Wv8VpMtlRG0wVeZQEV5A0/K69zr5YIt6+UmziwThiuFZVJvtdCglTkym3el0LATcPSkaf/1v/ZrLgXKCdG8RpITnQK78nVFKymMFOxmf7qe4soRBbum1EGOzB1UKTRNa5nDplJoQp5+xIE2om920wW2ojTp/4RJ/zr+EFlnifVVQg5jZaoHzZiocJGaNQ139ClZ0domgAxvPkC5qXUMlQUGWaSC76RI1F7HeK3NhK4vbwOzIm2KcrOJ1JFhwvXyBuMfmd9FQjQo3Pu5T5vOckQKsA2T0OTJdnRXdjdPSQGH0KRMycdVxkAA6/I+aJkFHkxTxOTkQzSRGZOlp0+t3MAL0oFXLzfNfpMXzzG58RyTH88xOfIc6cmTJH5+RSffQMuC0hlTsYXQJepMDkBHegBl+0Nciv+vh7Sd19y3zilQmIS5yQ3o6H7Ab5IEXt0jRm0iinRbyaYHuEQOaRac8R2P3ER0k2PMkZ4xCd6LMIbWfvjITb40RzrT8pGD3rY1GN7xyKUzqgKJiebSwSLB+y7BknvMyE00l54O2TRu9KCR3xXN85p0WnWvJC4Ww9oVBR1XxUo7l5ARFkvuw97nFUEA8Y5goOXgLN78891IekUFMC4u+1YCk5fKkW6qmrwuHUtK5dIzpBaalgfptqgU6r5UOrjRjGLpZd9Gf93hSA+NB/9AYz7piI+4A6dw63CAdKmn5jvzANtySSS9aBZmoZ3N7ekimn6gthlVQEG43DHR1uqVSdoMUxqC9lDUqSghxc4GMeh7h1iEK2RrqzyTUlxQJhkB3LJCEQbYjUUrjTOKjAZXyagy1orj2yn6n4yDxfBMS7J0+FQKtWCmOyQx4R9kcNj2khO5UngQmaUjKCez2pRCaOka+q0SWrqVDtqgVAdXHNlr22KYfFWOdFZVCk2KY+knumtJwvQnK9+JJk2qxYexmrawVhpTmU3MsN8ss5k0OekYqxRqhrM7JLegAIl3Ta7Uig8it/Sc5eTWG1PILb1pv1VyN/jNbl+2SBdShYVMGq7Jc+CUroO7XsLyeT/UZEut+DBm0wzdlcZKZkNE9W+Z2VzpqtEo65r8La7ub7lDcgsKkE4hHEY5vevlhxDclV6fnOCV1lSKm61xvxmKm1XwWxcvrsnp5JqcTq50OumFpWfozjdB+dyH/0JlOMODgzhOurHKDZHenMJyDW6r3wrLSX9Whb4GJdaVHqTPQPRC4Eu3dEH0+oPDiK6dqa01pxK94v36rRHdrJTfvpyRjsGqZcY1+QZxxvrGUEnP0kABweRcdKVz8Ta6Eo5jDgk6jJJwMBKd6JgZOV8EJ3NIboFe7kcleHEOpPBd0gXvr5RoGnJMEdPlze4JftlskOcf8cic71+U4YDpFGwJdwNwlFAbGUaHCF/2POOgKv5U3FlyRAzSfyaTX4jd3/Kfv+jTnqas4sTerbMEbs1oRjyE+8bhfFyTSdDG9EWSBAEazIPIIrMGQG2cJj3DdU4z+71d6bStl5v93q503dbLGzhcOnDr5WYHldvgr3Qb/JVug7/Srfori/KG8UoXY728YbzSFXfQzKlYqtnVzPwpvM78kc6SFH7hNkJLt18NsAbPnys9f/VyswhAtuXlDBlcuxr7Dxk4CUsesXZAw21wN7omd6Nrcje6pbtxTwxrDST9hE8Ru3rc+A716xvQw3lMxP25HBq7b4GRPtU67hqmpfSs1ssbuEd6SuvlDdNS+jTr5Q3TUjoq6+UN09LkTnRN7kS3PGh3M56wVlc2xSNb1Svd72Ogc3qg88sgkjoJIZOX1S2PLKqFJv1aP5C3CbNFDilOa5OCCSxvAe0zOnhNugF+3iD3iYVlbmG7/oU9dJ95w4E1GPVcpPQY9kZ0J5rrW/13Q1eU4i/8/BdD96U/mtruoBdYfdsfWa7TC+ivP7qAVW+K1+gRlaJI/Ft4gTsVb+CbLZ/hpffuEG9wY1yKIvHvIw5l99H7S+oSwKGSN+4NkVys5+ErgMHvFB+ogEAbEmQfS2KlFwV/Sr1IcqzmRcQhcHrEyop0suaORVafNghPj0nPmIcc6EdldPAKnylhhhricpHnDcJt3aE1D22qQH8vbYciEq9WS1a/iLnB25eXl71Lj0PbYXbqPxbwXsTR5VcJKzaEKiAvUIUfWpO9d+NCMJx8pZX3GkSJ9H/ncUE/RhwYCgljT+LMevfuNTTV6WINljq/pijRaD3dXm8yCiHdWoSqIyKJcnmwbyqJiCI1xFIgXyyHeSuto24QiNIhXC+/uZ6ir9L6KUVt+yv3sQWbyo3s1dWZSFpA4eLPMKA/bGlu51vTItsBntTSHcCnPQij0SgM+rO+O4+mHkzrcNu602AYjOCv7vfHs1nIE4UIYerrZ9K2b7c3BR3N7owu6DhLPvCzu0cG93S3qNCPqh+Kiu8Q9mvmjA1dk10FsN8b/o+LD+P+eTy+fnP99nyQfb88f/1+8Obs65fZ++tnm+fB2A9ev/wKSfIGm92zr1P743d//oM7mqyXf3D979/2/5yu3MHzN73r9If0j6M306vkT6sfv3/6w9cfgiy47F2fO9Gf339c/vH52nkT//Jm9qfd4OrSiFsJuhG79wr4UiSLkxt7QoUT3n/iyKQi6rKxPPXRef96A1XkkJQTtRYqN4urnGpSRkyHaF3TKVrXdIzWNcVVuPpB2ncIos7sswhZAeiYSkqrzwusSYhj3lrfRtGsPEi+cLqI6iGt0DlhRP6LsxhZWxr2IsXwTXqy6fCsq5+e5XgZPlfB3qzDTlUYYMUJhqwDuKbzsa4p6MA1BR24pqAD13Q41ZW+/EqhaadRursPUFy94RDZSoPXwH/PsYZT2yfNET/I4jOwh7YztIcvoadcID5+gZ8Le9BzoEEOoDu6VM3t+VRt0BuTnhl4lue87790/WdoYMh3s8oP0Iz9gQ+d1vGgZnIhdGL+t8ANtlMupmrUNT2DLv0egZdoCzoynrrQkcVTqL309OObgQ9lFdD4PR/qay8Y2SMLP4tRf8pFfWvExfgDjXqAzqnYFkVU9yVeF2/37RGX48/oPdTfFd7tX2Bgt9/8xxWimKHae73R6L3v9+vvLajf+osXGHTPHQMbDv7YVOq6SLZEBMPrTs8DJfA7wBtjkGfs4Yljj3rDISrjGdLh+UvUGIJwaMKZuvTI7QGPg96IXsG+BQh2PLs3BCl7IxCCoMCmZYCvtG9xeyNCxtBduKOe40zFVgTNjeygN0YF+gRyOWPAjhICZuBQf85YgIImht4SN1BStQCjGfWCMapiOBgDDcpjdPBnH2xBLWHkARof9/rgT2DGt3zAjaEHvf7wPUx0BjoBiXU6CRQyBqmIEQj8Bw44Fwgk+L0A1ccY+djDEwejHw6BPxo78EdDGQZUDwgklBGOBj6mxIjeGQ6IRTGyoYeRjwi9voeBuwN8xV6LEcgfsVtkDOJN2v8R4ixCofgkUUglBM7AoR5RQsAQJEChDygIg4xAVMRwGGkWI1B+lgjEhOoFns0IxG4ICLQZgRYj8HPu9iCN6Ab7iySeRvaMwkvV87T1zZ+hvtwLUrqvI/aC3sg/aC+YrxKHbQVloFH3I3Wimy5ahbZsLaHZvMJjctoVp/FkmQqOySpiOnPvyjChPNYd6bHp4iXru/CaM/SoIzkGVkrNWoWVyg4a+XFWzTrekPBbhYUMmnm5ijvTEm6KAnJNUUCuKQrINR0gdmVwjVaI28CPWNcH/ZE18F967jPH73kePoPxhyP62LfGgwtklqeleEgSQNTwyACEf4tgiMWYH2CqQBjJp7bnvh/TasjPRDHKxL+Pb8g41ceCiSXeC0iC9qlPCLhBQB8AC1miIMfJQjbwF6wKcE2SglwJxfj9cYVNGyCjBRDCl2T/CKIdwhjLR98eD2hZ8Xp9wBqQJEUBF6c4M0K1IONphGidagFE1PJQgJfxW7QOMxoBCkMYg8oAiN7x+4JgYECn8jnUHegbspIAnip9Rpm5go/tGrYiQe9GUVlWExLSpc3fERJy4AN7dy0hPRlD9dkkJC0XzRLSM0VveWX0llqohUTRQX/eLb1AStLUeoHb825DRlah/TVlpAqLWUZ6MvqrgiiDOIRF3FRoEIeeKb4J9h5ToWbx6mq0H0HLGrsvsfu4CEhgkFkcwoyt4MIynuIPl9Dfofse54l70AAHPtRDb4w9Dln3IavwFXII8Z74ig+Ioei5F/6wBzWXxNKg5z5jizttmfweVGlIKge6JQRrMESLqISzo73BdETtQeiQTIL47JN1H7oi6X7D13BQoxCm7JfeYMRilucqiaahkF2k8kI+K6JbSG4WuSPjHusCLgKS6njEpWJvRdsrbFPQlO0BwNdBEBAUg2cBBkPegwA5Xml7EZCgoJG89vsYAC86fSAJaj1v2Ah4aKO2Rxo1XsQg8Bc4mNpjDAbCmQ4LY/+ILQIk8bDnvKcNH3lMgCGMZYx1RfxLfV58qMD2sdSMoOGPsNz0UQR5BbQHeAV/sV0FSgJg1SbUTwmh0MChnQOfhC2f8Ul7i8+q+S5wcirFoe4l2d9aBblW8+9Blh+cQOKGspwSurTIclPknGeKnPNk5JyU5U+xcj7j83bWGczDt6LsVkH9NQW5CkuDIJeBeBUsmWS2Kd0ELPKGQlNImWdKNwEJeYQgJ+cqbFRPYZ/CzpjcrQ5rufQlLAvZGCW+fVzh6cAPYYMhRZl/82Nsrx0bEgVmCR+iCeICVgIktcYPW8V6AdlmesMQhw3pJfmH30UViDOrL2o8RdoC7Pwh1/mP6J5UVNgD3sMSFgqPrixl1y7snb0xwRRAFeXfol2ILtKxV7D74e+C5fmoH2LRwD/+Hz3i98UIfXtuKFR58YA/wzjVV0ulpg+8VUpJyQe1Ki0IBR8Y85XGIZzFC3LnIEDlzx9XvPjAHQ5FmSBVavBO5HMKXThakd91n4e5qPX3IGwbIiTvTNhSWYuwleF9lYls0gdlYF/uegjnEdJeIvs/EizehqStwvlrSloVloqkvQE83MxRTRAMwsMhsVJQT4tPO6BF0RpH9xwFUVv29I550/WmvuLfprhrLSQ2nwwFAo4IuDZGIxwVlScT7x33+i+4GSlBKmGajZ1fV0ZuWqtlcGyl0LRWy7DYSqFJ85IBsZVCk4TQr9YqttbkmkRYSnkKwDNeJKOn3/Gs57jGwnpHOaSM2bCL9Ax05e47unFXSVvmdUrLRhmdtGRVRfqzAlATkmWgbC4IcRXnMkZ06+wEV9Bx3rgpxotcnBYWAo4Bugyve9ZrcT2bVcTklEFDJxStI6riQtlpZCVzJMlez3rFKBoDzutj6Cw381frckoJJzqqJRJXehs5Pk13hWA7bSo03jir2W5Kjzbo3QU/4i4yYinVblzeUta2bMuY4Wo4lCfDhuvlJhaXQbV5+iFicJ4cP+A0DxKEdcg1po2Hfd1iOAqgJpbV8x69IBsjbmPBz9ZCOMM2A+vyQg6W5egxznlIZ4wAlYXtrIX7BVdxdihDAo9Q/vh+ICSCE3Aex5jpyva0MDeimjpsUzomRFuaCk2cZUqZ5MnY4sP2MzikDrvKAIaWJbkn2ck7hbWELSbw4w34A1tU+q9934G/b0zPYV8RP1SH9HnUeI2odHzxBzDXCJMLNcQV6INoZMldiH54wyN+4OIPLKpE5h3Y2Kjl8QAOefbHY08j/fHSZnQB7V9akti/jyJhYsLGhmxINKwxnsBxSr2MuAeHXbvYaYluPufOIKTsfPJ0UNveQKn3eYNQq1zcbXdQDVs/fLZod92pLZsEkinq3TNFveM24WOMtOQHhzEQllOeDOywb2F2WFWHzYz+mhznsDKSqZXqFD+iEa6lzTmeCjAuEK/CatuDKfM1jI74iE/vyWps4nfMg8LUqoS6wCpJxl7kASWrJxkj0YNHU4EGgSKMAl1gLnz+aTBLLunLvllA1f4eJoE8BHAbk0BcnnOTZcepLTvcsAquaZUxHU/w5PEEuQyXUW4H6y+qT6eb/tIQ3O7J4PZ6uUlcyJjwIpMelANVf7G+2yZT3O11tB6jBOl5Ms5cB0DGiis7jHWCO/yhfNMGI0yxxc7QFn1ySYXGvXPpTZWWbnaEzkqLOkZTyjTPlDLNMwWYeqYAU68MMP2H0vIPpeWzyOuGBHe3oLSYYqA9U245zxSC7JUhyP9QWv6htNztJGhI/ndflRZTDLxnioFHwKVmlzteaVH9l92UFhlpX1NOZLB9vdx4QbWmtPwQTSM6fFsG/RytrXgqpCbxo9/j9Ibiu6w4tWYRZ3llnQWHH9juF06nuBQZtpYURkQwGv6iujXZ4SoraFQ4RngtjnAL0wxdbEXHgG6o2tAIblG1Oa45shbS2xXXhinm1TPFvHrV1HhFCyb1yBT56cnIz9u3y+UOlgIkE4PKaNJf3TjX3Rtkklz89o2Mz+Apv9XGZ4qwRdyqkfq+KcmbbwoT9GWY4N3taipc4MsQxAoUen72z7O1uZckV3ZIvikI0ZdBiHWSm+7zNsUhIg/CXa0JVVqXwY1q91rSz/u4MNxLxrjZ+iJSWaikMV0xb4oz8/U4M77SxvoW6lQOzZ5rZms+und8CY7qA5cZzXDUdYUUH/wZeXuaVSO/er3QbXjpjiFVzQWOtYrY6BB2QRCJfKVEkdIgvlImg7ZWGy5jryvyjehsECmmMDnfFCbnm8LkfFOYHILITIUmZjQF5/im4BxfD86ha43KMZhuTPJl4ETB0nRxN1941+3q6Uo4CEmtb+kIfolRGZ9QXGIK4fQSIbFdtg96wFPnim18q0b5xLibR3j6VTew0WHtmwIqfFNABaLrTIWaanEHWJbBGTmWL7E84Ba2+HyNRQRLCAUhc0hCri7i1lCxUFDhGifERexBuL5GlTBN1v/NeooghC0+hUtREwsTH03hVyZ8K1bxzgdEKVC0gniXi4uXEZUHzZUu1wJQuzXunsAcBlhTHAHcRhtcw5KeWItkFVmIoNhyxkasc/hE6e3w6CKcisvQUYuGsQmvOZ6aurYuI1y1tD4/Yf2XUqAkGNnWQhu4BXU9vbaAq514vWd9dY2MKYjSiJBF4LzUq3VFmk70n4jwDb4LbBFCI+AlWIy+qoRVV+GedQYI8Ih+kGVhCQVticwrIIJISznHDdG9MhVM88Kshzj5plAbXw+1sd5S6IhQU4leKYLz8l0DCEwaLeEJV4rEZKrpYfECq+CiEaAD46JdBQa0tc4TKgHfhNZmcZ3GyHGJpRN3l/QKZZgxwoiDxhAKC+U2WeWY4tscNwsg54QaJLQDD9seX622gq4yAXY2TG7Wa6UiK+ioYPuSdkGoW6pERXelboTIsQ+5gnQUZk2CsXIL2LvEmiXrf84YXz1kV1B2Z8QyhC3T5PpncM8kAtlxP+92usg59zLOFopoNsUX4VD5HQsNGYUjOzgGc9Xcf0dIYHGU9BDhXdEPh+CEefIm3H7gea1CZ1pLZexQpdA0t2RIT7E5EAnb6Bjta1zITF19hqVJ9fCZlyZThBFMnRr3Pk0xlVcR29kgpolB3wojAg0FktrCoQm+XNp6+Pb100cnEKwswTBxYVKgecfSIM9aR0igW6mJnTfJMoagzRZhJsRrDCGCPav1C1LTCEbnCRGhGe59HqFHWlXCyxOITsikJQLmuGKcQWhtYsTFnVKHGdYTLAVRApkN8RVvIUhJQHBdggUrRM96j3vexaQD6PTaElMNIgXyChKYJik9Q1Yd6mCdE896ihyqD89eYbTcJtWhO8Gsr6NJhrvWcSEcq5rY9uPSdRxbB46ot3LSmiKsfBlhVSksFAVOYNRyBbpkgmPz/t1iqj8EJCZ8p7nMdIy/uOWouBwcH3Bpahnvu29EN7/YvHaNefWm86NmmRyieYodKc5Uw0U1v+XRYi5gMfeWL5k/vJGuwc31zg/e2FVaIKgrGzsqKttjKhy3r6sfvGja1zWkE/VN8X5+Qy5R33TpoW+Kp/JN8VS+KZ7KL+Op1EJtYbbOXj633n73/IenZ29/sN6+wPdX76wfn3/17tXZc1Lz4CXDfIEyNYccDGdIg55BJELEraPsMtl+6FGuwq00bpGIjtYp68QnJA9J8LEGw/r7PNqSbCYlFRojaXRykkI1Oz/fRuch9EB8gQ4jVO1kjleQcYrEPxaNGbLRQ7CS/pwlUhdG61ADqZ9wxUYs9KSCQSrrBVJqYRMS0sXwQr6L5ucQvtwhKY3YIOCrhVBv7Ca4Y+6IFiq4GVOatjPuU3mYj1sqneiXdTAaGUFEcNAOhuGfICc2Fa7AYmUsNjHodsWQysaxtyE0iKUUBLiMJqReQUOUS1+4RKx3mo+L4eAxQScUkBXL4oQURrQmFG+InRU2B6TG19qM19PlDo2Jq2MJalpoaReEgvAijJE8H8ukoAeTHBsgwA9pLslBSyZroZVXSFdFSxveJpXjLrZOnTRDUlT0uZitUyrHTQTlPDTFSPkyRipn93/piOTJFpkHxSaEM55JRuXVvKi0CnGNsxwg9iHiWOgsmmKC8J7wjJr+sdo0hoZUcxm2JCXJ8Dp2c/E0ppTwYFrZo2yC3+fdivDCMHEVzmES5PzAupQAt2e9wt6Adr/TMKU5R/Ukr56Db8X8FLQhVCQTksfEwvJGeubkEKpSPCGdSjZ6pn4FSjBDABfnjWe9ip8SoihHIxpUlTKgekHbt0nE+8LVCpt20Q1lwwc2w0vJjPR8l+5gqJziekkMZV7MR2BwLfb5PFgNvBML+hxGC2sAQZcJ9Qvzj4Yq5gIVkQzKUbGAzkF3yONMtYDCBiUgP9C+SnYFefnNGNw/BBdjHRMgWUIY0IyHCkR7UmyUsaPPAfwFZzLSWcyLUc96WtzjvMThjKowKMhU7JbRUCEjGR6WBQVR2K+gNkAHRNAAYJpZK6heMem5WYwL60mHZfSi2eKJFLUtUpn6FHIT5mPsh1gSwG8FrqPGaiMgNjZOgPNduA0xvQEOEUYIMLEVL7btwgJDTNggFvNW8ZERQeiBwDghs48Q13yzKc0sOZfxJpFGDE6fyCjCELnyFPqqFGq5AQoL/gUYgp4CuhlcGGTcIEFcTgLCdj4DkTyX8w3yvSQ9S7heYFlYpzTVBQmIvBdshccySlt4ldPoIYwSKCmO98AGFqPxHS2f0NTX0xifyKNCgoT5qZjq8Xa6WxHj07ZiHl4RcSp8m8sVObAch4XQJq4laUOTQVKepo/4nr82sya0tCm0oF6AvzXwJ9ZADJVFAv3N91a0ZyKvI1RyC0k5MVDIiCV6ye+vF8I0AfhbfCb+25YMRhxRTHFWIIVCgCeCrkJHWNJhKBbMJC9WEdiNAKmtmcJGRytjjlYxLcRMhniCSCexJAxGZMsUFMJ7ZL/jlYLhSNEsCQTiWWqCWmT7HNMG+3s8R24sYkKmkkQlYUw2ArvZOe99S9aH8YmE0A7b4nx4koKcaOs2l06Tqqrf7Gz9y78UG3oCGxOSNTu57PEdPpDuue6RYVMGzIiHmJPAM+F2AmthuEtPrecw1SLWC8R8jhGBTVntO6NZ8oc1I02mWZANC55IdzC+yuZIL0Sm6nPSOIDvtZjvksQSSOBVLGqCWxn1cqbdJvZMurt+ebX19NuzV/a7756+sb57+/rVsz+dkhIFeyOWAxgeAPUipkzfwkgOOQH9iiVOrnILyzUt0mSUBJrAazSjoolQD8hKjAVzLdUIjDdaYV6B99OU9txkysB2NF/qed5K6woL3ymoAuzB64gNWbqIIcPAw5gT/AYvmbstS3+yWNAsBf2k+YblAK/dxTKN9XXJH9jELY2UGIAKYA4ajX4FiSDt5mJwZMeUYoXHyfNtGUPh4qX2HDYGgkVYhUBgSH4pFRh9VIsa+24LQmKM3/FQWXPl4SJdIEkbrG2l0svNiPmdkWYHHYMghJAWQ74FjumwSZYN8GZ2niQY5ddxiuYgQ9U0iNX07GpHbT7dhpTrvikU3jfdwe2bAsr9ShrtFitUC4KMN2Ldt1sqYDFiu06JUhk3f4gZpoKEkpiC4u/QCQ7ZLmGR0Qh7EAfpF9cUzf5Q+3qjXhQ+5fb2Hfat9lQg0bQCmRJZ+6ZE1r4M4lZ8068y60fYJ8owm2YzYpUaNvw9JKxujHqBl2/Di8ZRm2w5MsxcjuX//s//fQxLia6/2sHUXBtI3rspe7YvY4wrhVow0Q+su/zeeoFN1L1GrynW2Ndjje8SvSbuNeXw9vX7uF88/f6eo9XEtTI6+e7Rarqg2zdF8vr6vddPFeMlL6kJrAtlWpn7iGgZdVwZlUlSypDjz4B9E/+aQo59PeT464T3zO8i6CpvoI/lERyvSovB/SaFQT/CfQKfB+uBKdA4MAUaB3qg8TOxQ77PmA1MkcqBHql8l5g18HNgykAayMjfwmVPF8Bab+61AAlMgcmBHph8h7g1xSXjkJSpUONafdN2LxF8g6ZewxrB99MZUWaaDOXlzWqhFkFyl1Q0TQZTzGogY1Zz2YNrdCDb13FY7MKxApC98V5SNB+uKcY2kDG2d49sU9xuYIrbDWTcrgSJ7uchlRwCX7gV7rUGGZjiiwM9vvgukWziaBmsXCnUOPq5DfSSGete49YUThzIcOK7x60pRDkw5XwL9LBiae19ikCqZBt/vL8K4Q0lv3fz9mQ8S+sNjaLPN9EaEdgNhDJNwUrILwUciQwB//V/ClNhYAppDfSQVrfvBt0iSStju0YMQSPEJmVGD2SlXH6HRbJWcSsjWbvaU4OGm6sDGb1axL9S4mhGJbm0yINGXrib2QrrVL8VW+GNG9FQZwjyErx5VGvi1dcw0YsE6Yr1MS9USGOOywqqV3YraUXbQSsixSbh9EOW4H59ESbIUOB1THF80MPIDjJ3K7Cbw8SQXP/GuUg3FLSTjW36ayO4UWLtyJZ+nnDQ+Yqbwxd1DCY5IYOHK4XazXTaJZw19hgJGORlnB/jjdJjGSB7aDvsLFNbar4hdU9LIgxNHmXQaFpmCrxhmz+Qi11tuFheD24Yq+UGLbL6+HQ9U9TH8lJQkXJD6U67APuQ7uimLlzP/4rmS2NgZdlxF5eNClfDnClDKw9GD3xHuO8Rbk4FKpmURPuqAKHf5n9AZ5tkwzFLsE3CFXmtYWJPn8WcOrjP+CqCD6hg1s49Nk/Y+3qfMp3Du6NLhIPKdf33/T7lO0VFs+D8/+Q+ZRN27xXwne5TLgTF+TqR9fBvFWF7RiPHiTmia/WYBK0oMtY+HzqGDI0cAaiLHkLGH38BDzodGfy3dfbleDikXgqG0FO8C61C9HNI4D4DfpA+I273TWbXdkYl5b4NRKUUBXRc/JqzTyFtFN95vwiRMuqUolmi7IklS8XJRBvRkefxWnl4lbrQsybREtXQdxp/jPKn+oi59xzUckQ1vatFb5Qx0Cbddgvd1ti+J3VUuvoabhlBProaqqeurmWySZ7Y861cIqm5HD0U9oql6xQxbevoCR3kxXp2ikCfWbxbiUK1RV2PuEGLeYoEkDBvoKJw920aS36kLluRhOF6YFvaSID/8PjT/wNoJOOo\",\"chunk_number\":0,\"encoding\":\"zlib64\",\"token\":\"NnqtoKDug3tNcJeYyq+pEWgsIOia+fVV5xb0CDqfZu5wL0hHNuerjZ3w/hr1sT3a//Tw8idco39OjWhiv0x72D87f5ZKt6i9ooCL6JfX\"}"}},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Thu, 27 Nov 2025 12:52:37 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: \r\ncache-control: max-age=0, private, must-revalidate\r\nserver: Cowboy\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cowboy","description":"Cowboy is a small, fast, modular HTTP server written in Erlang.","website":"https://github.com/ninenines/cowboy","common_platform_enumeration":"","icon":"Cowboy.png","categories":["Web servers"]},{"name":"Erlang","description":"Erlang is a general-purpose, concurrent, functional programming language, and a garbage-collected runtime system.","website":"https://www.erlang.org","common_platform_enumeration":"cpe:2.3:a:erlang:erlang%2fotp:*:*:*:*:*:*:*:*","icon":"Erlang.png","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T16:55:47.229708Z","times_seen":16084598,"resource_available":true,"data":null}},"time_used":187,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":186,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tracking.bluewatersredfish.com/aff_c?offer_id=389\u0026aff_id=11\u0026aff_sub=Z1G10MVS\u0026aff_sub2=mbinder@slurpmail.net\u0026aff_sub3=179\u0026email=mbinder@slurpmail.net\u0026aff_sub4=2025-11-21%2014:00:48\u0026aff_sub5=enablecomp.com","fqdn":"tracking.bluewatersredfish.com","domain":"bluewatersredfish.com","tld":"com"},"ip":{"addr":"52.209.186.26","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-27T12:52:33.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tracking.bluewatersredfish.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Fri, 11 Apr 2025 00:00:00 GMT","end":"Sun, 10 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3D:DD:97:69:E6:ED:B6:53:62:A0:E6:D1:8C:26:FE:FA:6F:2B:B8:9A","sha256":"D2:DA:6B:1A:CC:90:EE:1B:C6:EA:44:FD:22:83:11:70:CD:0F:B4:54:F7:3F:51:B6:4D:AC:29:99:F6:DC:84:A6"}}},"request":{"raw":"GET /aff_c?offer_id=389\u0026aff_id=11\u0026aff_sub=Z1G10MVS\u0026aff_sub2=mbinder@slurpmail.net\u0026aff_sub3=179\u0026email=mbinder@slurpmail.net\u0026aff_sub4=2025-11-21%2014:00:48\u0026aff_sub5=enablecomp.com HTTP/1.1\r\nHost: tracking.bluewatersredfish.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Thu, 27 Nov 2025 12:52:34 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 328\r\nConnection: keep-alive\r\nCache-Control: no-cache, no-store, must-revalidate\r\nExpires: Sat, 26 Jul 1997 05:00:00 GMT\r\nLocation: https://dfgtrk5.com/RqnQW?affid=1017\u0026firstName=\u0026lastName=\u0026email=\u0026zip=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\r\nP3p: CP=\"NOI CUR OUR NOR INT\"\r\nPragma: no-cache\r\nSet-Cookie: enc_aff_session_389=ENC036633e0c0bc087e6f78f20d674202d0cf1bd9796f6b0a557f540e938f110040a7693ad22beecc245fe2687d1eec04fcf71b5153c50f8911c57bc35919f17d5750960a5512e44491f2eaa1e7c421dff6206329b18434b61f2a053d3b54ea82c102b2bff1b951476112e25c52a110badc999eeca8abd1576c7f4c49a227b336f4efcfcfae395a4b74481bdf79e943afc4b7ed0dde0b9e079e61b3af7224ab9180442e2bc610e5ee81b7fbadacb5ad41d9b862500b8858585b87377bffa9f6cd02700a633a82; expires=Sat, 27 Dec 2025 12:52:34 GMT; path=/; SameSite=None; Secure\nho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMzQuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMzQuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMzQuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sat, 21 Oct 2028 23:32:34 GMT; path=/; SameSite=None; Secure\r\nTracking_id: 1024d0f3cae43e0995c75e3bbc3e03\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: Tune-SDK-Version\r\nAccept-Ch: Sec-Ch-Dpr, Dpr, Sec-Ch-Ua-Model\r\nX-Request-Id: 1b12ab0f964da7ee8eec5a51909ee087\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50191,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T16:55:47.229708Z","times_seen":16084598,"resource_available":true,"data":null}},"time_used":560,"timings":{"blocked":260,"dns":95,"connect":34,"send":0,"wait":39,"receive":1,"ssl":128},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.steadycash.net/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/shared.css","fqdn":"assets.steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"35.227.250.112","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:35.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"steadycash.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 14:25:23 GMT","end":"Thu, 01 Jan 2026 14:25:22 GMT"},"fingerprint":{"sha1":"A7:2F:CC:18:46:B0:A9:E8:F7:BB:83:1A:BF:5B:01:1D:94:1C:57:28","sha256":"8D:BB:2E:22:C0:B0:1D:13:C3:8B:FF:38:8A:6D:A3:92:E9:08:94:A2:4D:EA:A3:DC:82:9B:55:EB:0D:5C:06:16"}}},"request":{"raw":"GET /t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/shared.css HTTP/1.1\r\nHost: assets.steadycash.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AOCedOG5c7wODxdYgOBFCphj5cjBsFxLtKJTwMuqK5kjqO3zzyB2LmfHZRH8KnyxBDEa607yfxfd04o\r\nx-goog-generation: 1763488218184026\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: gzip\r\nx-goog-stored-content-length: 27715\r\ncontent-encoding: gzip\r\nx-goog-hash: crc32c=so06ag==, md5=lk5FJ+vQb56iv6sWdRDbXQ==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccept-ranges: bytes\r\ncontent-length: 27715\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Type, Access-Control-Allow-Origin\r\nserver: UploadServer\r\ndate: Wed, 19 Nov 2025 01:43:29 GMT\r\nexpires: Thu, 19 Nov 2026 01:43:29 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 17:50:18 GMT\r\netag: \"964e4527ebd06f9ea2bfab167510db5d\"\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nage: 731346\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":158593,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65371)","md5":"5b383e1f39b2ed446a54e21cacb35dbc","sha1":"b690baf7aebb69011a219a353f70191cf510dd5e","sha256":"623e4beab5eac09474a6524eb3da4dc7f04753954ede4a4bee4df63970856251","sha512":"b4ac44ad6e4b241be0b7d020094028b980bcb460e56b67e7c7890dd1aad7896c5d4c8ba288e2073eaaf9d50673e8f3de15a76e69778f0ddd1f7018c15d083a5f","ssdeep":"768:DzpGxwXsIHriQ3ZFFsZI69HZyiqPeFbk1NFebrbBND9+AMvhkzUyGiO4sQ1Nap4p:KwXjlYI69HZyiqOk34NMfy0DT7GCd54","tlshash":"55f3b560f62030aa3373c16975d0fecb271aa043d5664eb7f16f65e84b885ca1673f1a","first_seen":"2025-11-04T17:50:04.122095Z","last_seen":"2026-03-04T11:23:56.379488Z","times_seen":5852,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":113,"dns":51,"connect":25,"send":0,"wait":28,"receive":26,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"assets.steadycash.net/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/runtime.af69759fd9c462f5.js","fqdn":"assets.steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"35.227.250.112","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:35.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"steadycash.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 14:25:23 GMT","end":"Thu, 01 Jan 2026 14:25:22 GMT"},"fingerprint":{"sha1":"A7:2F:CC:18:46:B0:A9:E8:F7:BB:83:1A:BF:5B:01:1D:94:1C:57:28","sha256":"8D:BB:2E:22:C0:B0:1D:13:C3:8B:FF:38:8A:6D:A3:92:E9:08:94:A2:4D:EA:A3:DC:82:9B:55:EB:0D:5C:06:16"}}},"request":{"raw":"GET /t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/runtime.af69759fd9c462f5.js HTTP/1.1\r\nHost: assets.steadycash.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://steadycash.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AOCedOE_sct_0m59GW1C68dep_4NpqVkbtekP-O664AJf9j1sbk2rseJK5ih3Zg2EJhCXlNw\r\nx-goog-generation: 1763488224275249\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: gzip\r\nx-goog-stored-content-length: 1749\r\ncontent-encoding: gzip\r\nx-goog-hash: crc32c=AFkhXA==, md5=cuVuyTmh77pHOJM7FLqoKQ==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccept-ranges: bytes\r\ncontent-length: 1749\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ndate: Thu, 20 Nov 2025 19:13:27 GMT\r\nexpires: Fri, 20 Nov 2026 19:13:27 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 17:50:24 GMT\r\netag: \"72e56ec939a1efba4738933b14baa829\"\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 581948\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":3155,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (3155), with no line terminators","md5":"e58cefd376bb1c215ebe9560044533c6","sha1":"6d9c4af615d17624d0a368e273d3a977e3e5330b","sha256":"35de07cf9c19a68fc7ba91c970dace47405de877d15c01f3d50230231602c080","sha512":"abc9416686cf80f72271cfaaad53c90966b1ed2a02f82d8605ae37df00f6d6c6ecbdedeb13c1965dd9b53a7487d1fa0492ae1eb69636dd078f35bb27d3726ba0","ssdeep":"","tlshash":"db51d6f42264fefa2ba548c11c3c94e5b8183033156bade2a71bdc16f62c9d44559f71","first_seen":"2025-11-11T16:14:52.513275Z","last_seen":"2025-12-13T14:51:29.325682Z","times_seen":2124,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":109,"dns":47,"connect":28,"send":0,"wait":13,"receive":1,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.trustedform.com/trustedform-1.10.27.js","fqdn":"cdn.trustedform.com","domain":"trustedform.com","tld":"com"},"ip":{"addr":"65.9.46.23","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:37.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.trustedform.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Mon, 13 Jan 2025 00:00:00 GMT","end":"Tue, 10 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DE:54:2A:17:15:5E:25:8E:83:28:1E:11:46:BC:0D:35:08:6E:B5:44","sha256":"D9:BF:A7:21:D0:CC:C5:30:96:23:75:3E:EB:A8:D3:29:C6:80:7E:94:A4:29:D1:19:E1:44:9C:74:19:07:4C:45"}}},"request":{"raw":"GET /trustedform-1.10.27.js HTTP/1.1\r\nHost: cdn.trustedform.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 05 Nov 2025 17:06:10 GMT\r\nx-amz-version-id: 1tRSSn_dKvIFZK2hSSe9FndpUDCEu7O7\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\ndate: Thu, 27 Nov 2025 12:52:24 GMT\r\netag: W/\"ac04052d54015fce2d873e1539a69e9b\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 b80af6d90290b622c680fa62cff91fca.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: dgAe0OdmQsYSgBkKxOjmFNmH_rbXEtYN7bfERCWG0Qk869ALAAbG2g==\r\nage: 26\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":110901,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"ac04052d54015fce2d873e1539a69e9b","sha1":"d6447a38eb571e500aea60b8fd256556263b899a","sha256":"1f820f01f6d77e3a69d0e767b8a063c1f8985760606f8116b495ae7dcc07eb88","sha512":"3959f2bbe3c773d59c426c76bd344d3d69a053fbf6cd0610c5512893c890299d5a7c78bed46133679c15f1c64ec28d6c4f1c93bf7c4a0bb0693ba88e3cd968fe","ssdeep":"1536:/f6U5BtaL5StlSx/zVXhPiE3AaSkyY2cIc4VsyKn:/f6wBFSxzVxVAagjcITsy8","tlshash":"ebb308cc77c6b07b0ba370b1416f414bb23a6915688ea451d215f8e43c7894fa63bfad","first_seen":"2025-11-05T17:08:16.960024Z","last_seen":"2025-12-01T19:48:55.216075Z","times_seen":5694,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.steadycash.net/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/environments/steadycash.net/env.json","fqdn":"assets.steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"35.227.250.112","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:35.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"steadycash.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 14:25:23 GMT","end":"Thu, 01 Jan 2026 14:25:22 GMT"},"fingerprint":{"sha1":"A7:2F:CC:18:46:B0:A9:E8:F7:BB:83:1A:BF:5B:01:1D:94:1C:57:28","sha256":"8D:BB:2E:22:C0:B0:1D:13:C3:8B:FF:38:8A:6D:A3:92:E9:08:94:A2:4D:EA:A3:DC:82:9B:55:EB:0D:5C:06:16"}}},"request":{"raw":"GET /t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/environments/steadycash.net/env.json HTTP/1.1\r\nHost: assets.steadycash.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://steadycash.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AOCedOH4m1Y2Ba1DZHsvFwFYnnqZrONomxEpOdIT54DQyk9921h7GHdwzaEhRUVLsm6W3RyOemjKUjo\r\nx-goog-generation: 1763488262818615\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: gzip\r\nx-goog-stored-content-length: 293\r\ncontent-encoding: gzip\r\nx-goog-hash: crc32c=XpEZNQ==, md5=q0rPSPWjaSp9elaPXhv11g==\r\nx-goog-storage-class: MULTI_REGIONAL\r\naccept-ranges: bytes\r\ncontent-length: 293\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace\r\nserver: UploadServer\r\ndate: Tue, 18 Nov 2025 22:07:31 GMT\r\nexpires: Wed, 18 Nov 2026 22:07:31 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 18 Nov 2025 17:51:02 GMT\r\netag: \"ab4acf48f5a3692a7d7a568f5e1bf5d6\"\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nage: 744304\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":607,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6b876f37ee56fc88a1184645eb39345b","sha1":"96c7f04c8767ab48f4d1fc2605f8667a68109f73","sha256":"d6fecc7bd737ca7afb9be1a16c8822a45daab90dd30546bdd7c436b444510752","sha512":"11bec1e7c6e8bb94596041edd7e24c54f6559157b4c8508e933d5435815aca30363f4ef39e2ba9334127925793a97c3014f39b0cb9f9863839aa72a20c0247a7","ssdeep":"","tlshash":"f9f0fcb8d12c1c5307c4546884ef0282a469ec07c7447d7675cf4b4d4f5ea39687a35a","first_seen":"2025-08-04T00:29:01.695449Z","last_seen":"2026-05-10T22:20:44.832383Z","times_seen":420,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"assets.steadycash.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"res.cloudinary.com/dbtcg826q/image/upload/q_auto,f_auto/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/environments//steadycash.net/images/request","fqdn":"res.cloudinary.com","domain":"cloudinary.com","tld":"com"},"ip":{"addr":"104.16.78.6","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:36.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudinary.com","organization":"Cloudinary Ltd"},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 24 Apr 2025 13:45:55 GMT","end":"Tue, 26 May 2026 13:45:55 GMT"},"fingerprint":{"sha1":"8C:61:DB:F4:59:AA:B3:DB:D3:12:E2:66:0A:25:C6:AB:C2:AD:20:6D","sha256":"72:8C:8C:F1:15:FA:11:D0:30:77:C3:1F:DA:FD:AB:28:E6:81:ED:68:D1:8B:B8:E3:EB:B6:58:30:DD:87:8B:C3"}}},"request":{"raw":"GET /dbtcg826q/image/upload/q_auto,f_auto/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/environments//steadycash.net/images/request HTTP/1.1\r\nHost: res.cloudinary.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://assets.steadycash.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 27 Nov 2025 12:52:36 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4104\r\nserver: cloudflare\r\ncf-ray: 9a51c37f0a4a0b69-OSL\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: private, no-transform, max-age=2592000\r\ncontent-disposition: inline; filename=\"request.webp\"\r\netag: \"9e47f8e82cfb1feb282c40505ebab6d2\"\r\nlast-modified: Tue, 18 Nov 2025 21:04:35 GMT\r\nstrict-transport-security: max-age=604800\r\nvary: Accept,User-Agent,Save-Data, Accept-Encoding\r\naccess-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options\r\nserver-timing: cld-cloudflare;dur=14;start=2025-11-27T12:52:36.335Z;desc=hit,rtt;dur=1,content-info;desc=\"width=400,height=400,bytes=4104,format=\"webp\",owidth=400,oheight=400,obytes=17775,oformat=\"png\",crt=1763499874,ocrt=1763488264,ef=(1,11,13,17);\"\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-request-id: beb3e3f7a7bdca8344263d40d17cc792\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4104,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9e47f8e82cfb1feb282c40505ebab6d2","sha1":"1db1b73b4a539cbcb22a368bfe667b552d26e2f7","sha256":"7dd52a648645ca7a580e182c77e0d4bca330460c0adcd62f01e0804200669ebc","sha512":"3bb131a4810649864d62af40e603065c28a31d3db52d9316063abfa71e5fbe01c25b7eff82ee414404cba2fba463e8e7219f03e6789a9bfd3d91aa54b2c25750","ssdeep":"96:M2PKt84t+o0h3BJBVOtYZCFl1C/9L01vgfB:M2ytRwThxVOtYZso01vgp","tlshash":"cd818e30408ca76b8661111c352a035a63ec5fdccfd8a9fc43b7ec019b561a99b04c3b","first_seen":"2024-08-20T11:12:13.432872Z","last_seen":"2026-05-10T22:20:44.83842Z","times_seen":421,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"res.cloudinary.com/dbtcg826q/image/upload/q_auto,f_auto/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/environments//steadycash.net/images/cash","fqdn":"res.cloudinary.com","domain":"cloudinary.com","tld":"com"},"ip":{"addr":"104.16.78.6","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:36.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudinary.com","organization":"Cloudinary Ltd"},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 24 Apr 2025 13:45:55 GMT","end":"Tue, 26 May 2026 13:45:55 GMT"},"fingerprint":{"sha1":"8C:61:DB:F4:59:AA:B3:DB:D3:12:E2:66:0A:25:C6:AB:C2:AD:20:6D","sha256":"72:8C:8C:F1:15:FA:11:D0:30:77:C3:1F:DA:FD:AB:28:E6:81:ED:68:D1:8B:B8:E3:EB:B6:58:30:DD:87:8B:C3"}}},"request":{"raw":"GET /dbtcg826q/image/upload/q_auto,f_auto/t7/b4e9fff4-b91b-4107-b694-a37ccdedb860/dist/dynamic/environments//steadycash.net/images/cash HTTP/1.1\r\nHost: res.cloudinary.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://assets.steadycash.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 27 Nov 2025 12:52:36 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3282\r\nserver: cloudflare\r\ncf-ray: 9a51c37f0a510b69-OSL\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: private, no-transform, max-age=2592000\r\ncontent-disposition: inline; filename=\"cash.webp\"\r\netag: \"1d898a888a846f3f9e58b077742beea6\"\r\nlast-modified: Tue, 18 Nov 2025 21:04:36 GMT\r\nstrict-transport-security: max-age=604800\r\nvary: Accept,User-Agent,Save-Data, Accept-Encoding\r\naccess-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options\r\nserver-timing: cld-cloudflare;dur=20;start=2025-11-27T12:52:36.336Z;desc=hit,rtt;dur=1,content-info;desc=\"width=400,height=400,bytes=3282,format=\"webp\",owidth=400,oheight=400,obytes=13611,oformat=\"png\",crt=1763499875,ocrt=1763488262,ef=(1,11,13,17);\"\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nx-request-id: 41efc8601c1c9f4afb588842173d2969\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3282,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1d898a888a846f3f9e58b077742beea6","sha1":"dd0d18720cd95b4eee286c45fba292dc82a166e7","sha256":"5db2ba0256e2ebdeedc5787fb7425ec52042f95f74491d5efe1b57157f705f8d","sha512":"a7813917be20c438c0d4959c0355c93ce51ebd36e643f2fea6acbaccf891ead795b0fc048dd2e47d08ce44e86121eb155acdcb04d1653cfd35b9459648664209","ssdeep":"","tlshash":"34615c7770dd305f8014a3b0081dcecd60efb06a59dd6439c7037fd89a287a95b62b08","first_seen":"2024-08-20T11:12:13.425265Z","last_seen":"2026-05-10T22:20:44.82728Z","times_seen":421,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"steadycash.net/favicon.ico","fqdn":"steadycash.net","domain":"steadycash.net","tld":"net"},"ip":{"addr":"34.121.35.39","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:36.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"steadycash.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Oct 2025 14:25:23 GMT","end":"Thu, 01 Jan 2026 14:25:22 GMT"},"fingerprint":{"sha1":"A7:2F:CC:18:46:B0:A9:E8:F7:BB:83:1A:BF:5B:01:1D:94:1C:57:28","sha256":"8D:BB:2E:22:C0:B0:1D:13:C3:8B:FF:38:8A:6D:A3:92:E9:08:94:A2:4D:EA:A3:DC:82:9B:55:EB:0D:5C:06:16"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: steadycash.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=\r\nCookie: Authorization=AAHFPkcoFrZnbx7O6eJqQJ9kZlpcUEQ23w0F9lKXN9KFXfKYgSzxCdbiD9Io9FAq8SE=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 \r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\ncontent-encoding: gzip\r\ncontent-type: application/json\r\ntransfer-encoding: chunked\r\ndate: Thu, 27 Nov 2025 12:52:36 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":null,"data":{"size":121,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8b2eaef8c4f333e35551e3f57f7aff48","sha1":"ffc1e34d13e13a498c7bff27d0442d07280d7162","sha256":"c05def19af76a50c8cc3027e1134a9f7d3c0ba8a76106889288da120320e226e","sha512":"40be01c9fc75f6b05dca937f9d83ebc3fc1a5f0f8325cbc347f2b27d8ef9afdf58ad4cdabf3312538dcc9beed69846f1ee9e6811514b9bccab5c4c7162c2754c","ssdeep":"","tlshash":"f7b09214596d901629c1d02d24a8a2a0aa838f870ba5381226cb872c9e3f46fc8b586e","first_seen":"2025-11-27T12:53:02.657922Z","last_seen":"2025-11-27T12:53:02.657922Z","times_seen":1,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-27","alert":"Sinkholed","trigger":"steadycash.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.trustedform.com/certs","fqdn":"api.trustedform.com","domain":"trustedform.com","tld":"com"},"ip":{"addr":"54.160.9.121","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://steadycash.net/?affid=1017\u0026cid=1278\u0026email=\u0026firstName=\u0026lastName=\u0026s1=11\u0026s2=1024d0f3cae43e0995c75e3bbc3e03\u0026s3=389\u0026zip=","date":"2025-11-27T12:52:36.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trustedform.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 08 Jun 2025 00:00:00 GMT","end":"Sun, 05 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:AB:43:B1:B0:8A:50:79:5D:75:F8:50:2E:87:D1:61:C3:A5:FC:9E","sha256":"09:8E:30:0B:F3:24:44:6F:55:46:4A:1B:16:24:36:37:D9:D0:35:CF:AA:A7:BE:E0:F9:A9:69:8B:64:53:7F:D3"}}},"request":{"raw":"POST /certs HTTP/1.1\r\nHost: api.trustedform.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain\r\nContent-Length: 633\r\nOrigin: https://steadycash.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://steadycash.net/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":633,"data":"{\"page_url\":\"https://steadycash.net/#/secure?nt=9778\",\"user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"tfscript_version\":\"1.10.27\",\"tfscript_params\":{\"lock\":\"17642479567359044883576863844\",\"field\":\"xxTrustedFormCertUrl\",\"token_field\":\"xxTrustedFormToken\",\"ping_field\":\"xxTrustedFormPingUrl\",\"form_selector\":\"\",\"invert_field_sensitivity\":\"false\",\"load_async\":\"true\",\"use_tagged_consent\":\"false\",\"provide_referrer\":\"false\",\"l\":\"17642479557060.24437161291510967\",\"sandbox\":\"false\"},\"snapshot_metadata\":{\"browser_width\":1280,\"browser_height\":1024,\"screen_width\":1280,\"screen_height\":1024}}"}},"response":{"raw":"HTTP/2 201 Created\r\ndate: Thu, 27 Nov 2025 12:52:36 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 497\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: \r\ncache-control: max-age=0, private, must-revalidate\r\nserver: Cowboy\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"201","status_text":"Created","fingerprints":[{"name":"Cowboy","description":"Cowboy is a small, fast, modular HTTP server written in Erlang.","website":"https://github.com/ninenines/cowboy","common_platform_enumeration":"","icon":"Cowboy.png","categories":["Web servers"]},{"name":"Erlang","description":"Erlang is a general-purpose, concurrent, functional programming language, and a garbage-collected runtime system.","website":"https://www.erlang.org","common_platform_enumeration":"cpe:2.3:a:erlang:erlang%2fotp:*:*:*:*:*:*:*:*","icon":"Erlang.png","categories":["Programming languages"]}],"data":{"size":497,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f7d637abca75eddb6b7f19bd4ea5a957","sha1":"58ae8a0d2fd51234c98fd27971550d8908a51886","sha256":"886cc9c6a4c7ba9262a5da63fd46e91d16b733dafafb5bbdc4909e1b3c0b7b97","sha512":"8ff10aa1b8faa0d832ca439f607842b93160a309826ff5948127530c47d0869b0325dcaecd950fbb503a658f88b625e149f9532cfc468eeee485d3ae20b6d432","ssdeep":"","tlshash":"11f00e37a7a44c6797c903991880f1398e1a070b2c638aaed042fda809d6026622cf06","first_seen":"2025-11-27T12:53:02.66608Z","last_seen":"2025-11-27T12:53:02.66608Z","times_seen":1,"resource_available":false,"data":null}},"time_used":482,"timings":{"blocked":194,"dns":1,"connect":94,"send":0,"wait":94,"receive":0,"ssl":96},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}