Report - www.financescam.com/legal/

Report Overview

Visited public
2025-05-14 18:22:36
Tags
URL
www.financescam.com/legal/
Finishing URL
www.financescam.com/legal/
IP / ASN
104.26.8.7
#13335 CLOUDFLARENET
Title
Legal Policies | Terms, Privacy & Disclaimers | FinanceScam.com

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

144

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.financescam.com	unknown	2019-03-27	2025-02-10	2025-05-07	39 kB	4.0 MB	104.26.9.7
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-05-14	591 B	384 kB	142.250.74.168
owlcarousel2.github.io	82083	2013-03-08	2016-07-01	2025-05-10	456 B	88 kB	185.199.108.153
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-05-14	2.3 kB	433 kB	104.16.175.226
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-05-14	1.5 kB	52 kB	104.17.25.14
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-05-14	480 B	5.5 kB	142.250.74.10
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2025-05-14	516 B	20 kB	104.16.79.73
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2025-05-14	6.2 kB	480 kB	104.18.95.41

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed
2025-05-14	medium	financescam.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (117)

	URL	From	Size	First Seen	Last Seen
	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	14 B	2024-12-12	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-05-14 21:12 Times Seen14436 Hash ff03fc8f0c3179fb4dcf4389f88a1c16 05ff911d7ddf2d7c14b4316a87fd08f42c618f9f 025229ec6bb50e915572750c5045d22c5fe16851fd077f1411f41b19aa1dfece Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	www.financescam.com/legal/	ScriptElement	167 B	2025-05-14	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 6481bc0a9d8f758c29f7848e19d3ab03 1870a34fa016866c8629807ea0caf48389308574 5db51c186ead32da2dca6a87cdac4a3d09e8ac76e6acf0f3cd5033b7fadf1436 Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js?ver=5.0.2	ScriptElement	79 kB	2023-03-07	2025-05-14
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js?ver=5.0.2 IP 104.16.175.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 18:22 Times Seen11945 Hash 0aa8d64e726c4a57adb5c88f9115996b 901169527507ff9e662cf64d8e361f359308970d 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash ad4684f08deaf29ed08eae05b94ad007 1193d85c3bd65efb9a2b5e26fefee2824891cbbe 0f4d25cf7d3bfdcb534ee74da69387d348f6c0871531d9562b361279ab8bdf93 Loading...

	www.financescam.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.28.4	ScriptElement	5.4 kB	2025-04-22	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.28.4 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 14:30 Last Seen2025-05-14 19:25 Times Seen624 Hash cfc90a4513123659d28c6b135d35e37f 414e0ba207f3f8c3f121407103573f88683e404f 4de4355c4f34101a88659f6aed0f83d4a01b6896448ef70b5eb8b859351a12d9 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	www.financescam.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.28.4	ScriptElement	48 kB	2025-04-22	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.28.4 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 14:30 Last Seen2025-05-14 19:25 Times Seen624 Hash bb063c394bf9e36adef1c3fb9a0dd089 5646a3b1dd0e5dfda443f42921b777993d6855be bb6d11f129aed3561eb1863a57c3800ccd631c640bd605c5db00be9aec7e20b4 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash e5b38099259d21858c365d32d8bc54f5 5ddad42a445bb38f75ed16f6810fcdd3a0a8601b 6c4bd8cd3d6a96f4009be1de4c05bf40215121545135271fc0d75eca7b9f114e Loading...

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-05-14
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-05-14 20:58 Times Seen50266 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 0449e6c20a817319766dc5a232d589ac aa68dd7a3d92ba243c0584f2662af4a042575ef8 d6bbb189b66481fa9f9a040c027c5b9a5097bebca0cd8a7c5d0a6392f40d0c28 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash f1cb2f284e78fdf5bf77aa45ef352ae1 a159c4a2f68ea797cc34845281f5a8036498a765 8e02c99d2db3ccea447e972be2812c62895694422dcc11ac4243094ccadf5993 Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?onload=wpformsRecaptchaLoad&render=explicit	ScriptElement	48 kB	2025-05-13	2025-05-14
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?onload=wpformsRecaptchaLoad&render=explicit IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-13 14:11 Last Seen2025-05-14 21:17 Times Seen300 Hash 3946a8b345d6020f3f424ae5f37e818f 27267dd319814b647f04bfe0ae09e1ca51ddc896 a7fdcf655a6349724c367f366c852b2e0309e9ad7a25b376df82a48e1dd98482 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash dbb62fa39c686e73c986039e1f19d2a6 5efb791ed3da47fd6fe7cecf431e84d7dc46d06f a3aa35e874590ed64131d38f45758521b40f6ddacc84fc91b31d6588c5c51777 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash bac382f26fd30ec55b49da95cfc487c6 5387d5e2a50a9866bf6acee9701d10a9caf04e13 d2257f5ed33d5ac23e813782b96b363076e21ba7004ec2d09761ea2be2427b41 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash b471e985cd3bd1364114be8df4a573ac 4636ea50908958d957b0bb3f4803489616816e0e 444e07f3dc1b6caaf3dffc596d1dc96f968ab6227f47802befadbd94929e75d2 Loading...

	www.financescam.com/legal/	ScriptElement	172 B	2025-05-14	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash a1815d819e8e46c8bda3121248930963 b7457a64482a012ac4115367825bc0115d1147c4 2fec165cf7fc0151750c9e8db031d7c92bde534285b4939606b3b79754dde524 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=93fc6b5b1c2956be&lang=auto	ScriptElement	114 kB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=93fc6b5b1c2956be&lang=auto IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash cb577a1ac25e29b5da3989427ec7eeb4 8992c27c068e9b0a2457c8255d5e753ef81e9a2a af11a65b7c892d835a1c101b5cd58673fc8fe7be1c9378e989030a186065c083 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	87 B	2025-02-20	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-02-20 12:03 Last Seen2025-05-14 21:12 Times Seen12052 Hash 1d2acc5165080dd018feaf08ea69e588 26698128d62a4d0c2c902723f8eb8d62043dab06 6d5c9f536080a954f2b1bfcc1f1273fda5a5d464111900b8fe9c7c49c6f2b9dc Loading...

	www.financescam.com/wp-content/plugins/foxiz-core/assets/core.js?ver=2.6.1	ScriptElement	14 kB	2024-12-27	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/foxiz-core/assets/core.js?ver=2.6.1 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-27 00:37 Last Seen2025-05-14 18:22 Times Seen12 Hash 190c43b1f3337463ec7b0f9bb52858c7 3f7c71944d6f503fc5d8455ef540c82099ed3a3c c1cbb4f9664d82ef6c56d07a12e1c7c9448b224c74aea34ef68903267a162eb4 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 3a153a6084189e2b2c0c9b56290a0e7a 0adb5dc24ce53596fc4493ac54bd5284f3755c45 8b9cbbf781c84200c4bdf6fbd3097d706e4a7f795758a46ed9172bf3d9820085 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 67f1b097574cf8a103657254ed1d56f7 1df0dabe0ade0ca38c75add85a79972915e027b9 1666656a77a359451041be01447e44f62bb6227174603f144036a321e841f0fe Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 11ce828b3e33e11998867a2c35e6e89a a0b957d513b7451ef9e4445355a33c3b40b1a89d 296eef2e1a3b309c175038e8a3d1453db1c768509d3d066d504862730bfd9858 Loading...

	www.financescam.com/legal/	ScriptElement	611 B	2025-02-10	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-10 11:53 Last Seen2025-05-14 18:22 Times Seen2 Hash 4934ef86bf4a81ef14327b647b683b12 bd43390199a585e4ac5cf19c72dfb148f4352843 ffa1c338b80d32a3c5da93af52027e55d4d78e3d44cd1e85be9ae3d0917de3d7 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	94 B	2024-12-12	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-05-14 21:12 Times Seen14403 Hash f47389d2f1abd47dbebeef3e2d3ae8a7 dde5aa75f9a647e73d3e2d3fdda68898f850f72d 30893b81b3c71cdbd5cf34b54fb52f8eef50b27d8a3f2498a28d2b89bd987fda Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 898bcf7350a039d489ae6cae9363214d 79c7399fe0729f3d6d51d11b95e228abff64d210 0a786782dc88d04b5cd7c1b956429d0ebe6017d704d60ab689f2e4b3b60f21bf Loading...

	www.financescam.com/wp-content/plugins/searchwp-live-ajax-search/assets/javascript/dist/script.min.js?ver=1.8.5	ScriptElement	11 kB	2025-01-27	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/searchwp-live-ajax-search/assets/javascript/dist/script.min.js?ver=1.8.5 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-27 15:52 Last Seen2025-05-14 18:22 Times Seen65 Hash dceb8355076abae8fba0e5dbeacc6a3e ac6856fb30b8a5ebd3b6432784b3a1de5b7a1c95 454025807edaba59732eb9dd3d06dc5a317a0095bfbac14ddd5a28b2b9de8be4 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	16 B	2024-12-12	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-05-14 21:12 Times Seen14395 Hash ca897fb253cc8807c5aafc947eb02fb6 25137d68712ada7d3ad424c80bc0d688a696f7bb 57f9c536daa79c4d770534dbafbe2e7b2b2aa48b9eb2617b4e670b8a78a4a4ce Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash c0c25c6f80390282fb1cfd6ede35956b 2bbe8504cf4240ce47fce56e47f79ac8750868c5 f73522f9c4e86382b31db55bd4ceb4f49eac18004c8bef6495e6cb069c1d7896 Loading...

	www.financescam.com/wp-content/plugins/wpforms/assets/lib/punycode.min.js?ver=1.0.0	ScriptElement	1.7 kB	2023-03-07	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/wpforms/assets/lib/punycode.min.js?ver=1.0.0 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2025-05-14 18:22 Times Seen1720 Hash 23b0d9051790b4a386f66ff1836815bc 0dc76a6bcad4bdce1b88ec6e68215733c97fc520 69a15ba379260f131f7dfa2a5414cbdc48db661ac21d696773c7e67259255ca1 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash b0bb6433defe484ce619487d6939a790 c00c4b31a2747077523221896e1fbfdade995b3a ed6b3305ce39bf40b69aacfb3a72e14c076c3472ae26cfcda347234e06c962a8 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 1a9673bde8121e61838be4c0a6c0ffc6 16acd500d0f0abe59cf8620811655ffac6db21ff 3de02a6051d142c704462e93998e6ec6175fb8105cf17556387e6762bb9190f6 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash dc460324c31177d9a59e4371b3f768a5 f636d5f3e99edf0a64e2dd1de24794c868513ce1 9e6b0e9e563106acb13cd8559e07252535cd743de6d0b2fc05efd704f09bf11a Loading...

	www.financescam.com/legal/	ScriptElement	658 B	2025-05-07	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-07 20:16 Last Seen2025-05-14 18:22 Times Seen2 Hash d99a06c8d44b3778dc7609241a35c095 964b3d52cd1e43e0ed5c6f4eb03a245581c6efd3 1d25e7abf195780408cafac51ab705095d2fb09098e841303f67fe16a5089538 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.0 kB	2025-03-02	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-03-02 18:12 Last Seen2025-05-14 21:17 Times Seen5266 Hash 6934d9d33cd2d0c005994e7d96d2e0d9 96d89030c1473585f16ec7a52050b410e44dd332 08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 63b963de968b4d95157b97072b183135 0ea856d7e72c7abe244589ded1612e579e95e735 d342a171423d7c13bfaa3e0db822cd162e4a3207fcbd5e60f1130b64aef8fcdc Loading...

	www.financescam.com/legal/	ScriptElement	193 B	2023-03-07	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:38 Last Seen2025-05-14 18:22 Times Seen781 Hash 9206b21ebb5e82ef645b48d00fcd459e e0f57091cf629ab74683bdfcbf0aa4f14c2246a6 7961004ec7f1f2a5a7abe30fa05dfe07d8145aa0f33cf40b84f2b009d7100b36 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	14 B	2024-12-12	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-05-14 21:12 Times Seen14461 Hash 33ff6022e88df59f8dfc9eb546435e9c 7f2ad96c0a1276fbc858c652a6e2d0b3c9d4d3e4 a1c845cab782ea7dec04543ec72e0b354cb8e9aae23acc02ee02b1832e3acd9a Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 49ef9365a4fcecde19063be284292ef3 303fa2eb9c74ec50f644da66c8f3d62b8ad6a1c5 15073834a9ef91a0f62fbf63a9a7a85256a698dabcfc2395968ab4ec4196ac13 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 43ea6990d3a14909919e489112683c4f dc251f64b2534a955df58b8907b72f5fe496de44 9905d2d1cc65a4995c3a35087ce17dc92674dad2b684017556b8ce9312df716c Loading...

	www.financescam.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6	ScriptElement	9.1 kB	2024-04-03	2025-05-14
Pretty URL www.financescam.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-03 08:25 Last Seen2025-05-14 21:11 Times Seen28581 Hash a8127c1a87bb4f99edbeec7c37311dcd 9997a1745f48bdd233dbe9bd8164daa53eba105b f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc Loading...

	www.financescam.com/wp-content/plugins/wpforms/assets/js/share/utils.min.js?ver=1.9.5.2	ScriptElement	1.5 kB	2025-03-01	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/wpforms/assets/js/share/utils.min.js?ver=1.9.5.2 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-01 19:48 Last Seen2025-05-14 18:22 Times Seen96 Hash dd247aaff16ce4fa6ccea5df681ae05d 400983f99d86999e827cc2934bb0a9e299c46aca 70a6e1b5aa1b0f0833c120b4dd4d38dd36460fb55d4b1416ea7a0859642cf0be Loading...

	www.googletagmanager.com/gtag/js?id=G-2XDSQEPGRY&cx=c&gtm=453e55d0za204&tag_exp=101509156~103116025~103130495~103130497~103200001~103207802~103233424~103252644~103252646~103263073~103301114~103301116	ScriptElement	383 kB	2025-05-14	2025-05-14
Pretty URL www.googletagmanager.com/gtag/js?id=G-2XDSQEPGRY&cx=c&gtm=453e55d0za204&tag_exp=101509156~103116025~103130495~103130497~103200001~103207802~103233424~103252644~103252646~103263073~103301114~103301116 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 5ad42c87bcbcf3db2fa73fb73e88a1e6 2e3ead3240f70c76b36f474b0af7d37af89cb79c 5d3c98b2443ffcf9af4075c8a29eedfbf7363ffc168f5920fb2e738adabaf158 Loading...

	www.financescam.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	ScriptElement	88 kB	2023-11-03	2025-05-14
Pretty URL www.financescam.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-05-14 21:16 Times Seen93541 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash c63c96aefb8044c43e2084b5ac15c895 0cce7ddaebc3c809224be724c0a4547c4bd3081d 6710a64450fb3b894a198248ceb6eea6de748eb900d726cd14ec6b9c5899e3e0 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 2fe0bb14d0246454e17af202eca73d18 6777253dbc77d209a378383b340ea027f61d998f 2e40266ab450971a76614a38353ca9b392db5d6e8e7ea141d09402e15174d371 Loading...

	www.financescam.com/legal/	ScriptElement	922 B	2024-04-08	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-08 18:49 Last Seen2025-05-14 21:11 Times Seen12334 Hash 6e434b0b4f43ec7216073eed1f3ffb51 8d8a4ab1ed63889095bdf38ba646319b639feabc dd0ec57abf154d52c161fae92db6014f042417d9660679097ae55287041ec52e Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 764e74e89dfba5f503a98d357a7faf42 08fab1821a3f6ca695ac328a3c0b1fc50f525c1a 19c18f39cccd5b92b395b60c5898597969eaf896346915659e8239dbd1522a6d Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	www.financescam.com/wp-includes/js/dist/hooks.min.js?ver=4d63a3d491d11ffd8ac6	ScriptElement	4.8 kB	2024-11-13	2025-05-14
Pretty URL www.financescam.com/wp-includes/js/dist/hooks.min.js?ver=4d63a3d491d11ffd8ac6 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-13 05:08 Last Seen2025-05-14 21:11 Times Seen14258 Hash c6fddbb6be69793478de26fc245b2acf a136ebf5054fdc19729b3592005fe0fefec4bb4c 9a1e0d38b691f1d22a92cff65ec0439b428170ac39a4493c7ecb06d5585f56a3 Loading...

	www.financescam.com/wp-content/plugins/wpforms/assets/js/frontend/wpforms-modern.min.js?ver=1.9.5.2	ScriptElement	6.0 kB	2025-04-26	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/wpforms/assets/js/frontend/wpforms-modern.min.js?ver=1.9.5.2 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-26 04:57 Last Seen2025-05-14 18:22 Times Seen10 Hash 1972c2d031b962cbbcdd8688c3c74af2 bd1c1ec00899c040fd20c4612feea0d13bb3bd1e f28091c06dd85fda867324dfd47f649719b334f543a8ab1c1ddc40e62f778b9f Loading...

	www.financescam.com/wp-content/plugins/wpforms/assets/lib/jquery.validate.min.js?ver=1.21.0	ScriptElement	25 kB	2024-08-25	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/wpforms/assets/lib/jquery.validate.min.js?ver=1.21.0 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 23:37 Last Seen2025-05-14 18:22 Times Seen342 Hash 9152a2ca7c22170d57da0b724782d17d 33f17178d9b71ce26cff40ff4e46a2ff92af1326 607426a3217b1ed9f5cc7c637e7306fde073a1f34a4126704340c0e98b48a43e Loading...

	www.financescam.com/legal/	ScriptElement	184 B	2025-05-14	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 19272e35a825d95ce30078e6e994bda1 cedad0690a13aa63cf69e073c768331be3d011bd a8986ee6777f89fcca2302b86f5b926d30da0e8bfebdf83c3cedd1081e19ced5 Loading...

	www.financescam.com/legal/	ScriptElement	361 B	2025-05-14	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash a2b1a65c200a1e23aa8447142f1dd199 884b467ff1281ca32e53c604673323a38ca2cc93 958ba0abd58b47d005e819039c568e1152f1f3b26f3def9307b6c92acfda2e61 Loading...

	www.financescam.com/legal/	ScriptElement	2.2 kB	2023-11-08	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 10:55 Last Seen2025-05-14 20:00 Times Seen3983 Hash d99616d3f03050d7eaf36dc01025b611 b17a22859fcde902d7234ac8d6305c904fa7f2a5 3ee6935e081fad06605e210f960c47cc21b06de5afce1a470395f15b91b3aecf Loading...

	www.financescam.com/legal/	ScriptElement	476 B	2025-05-14	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash c36cf018197b3ed6b1fc1a09b249c480 c6a509cecbf79dc48bc2c7945909b7b0ef2e9912 6c8e39550b287fbf7dc21a27b7b33eea5390e4e127375ab14d8f4b7677470928 Loading...

	www.financescam.com/?local_ga_js=c9fd04eb2fd7ed74b790f562023b0c5b	ScriptElement	179 kB	2025-05-14	2025-05-14
Pretty URL www.financescam.com/?local_ga_js=c9fd04eb2fd7ed74b790f562023b0c5b IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash f2785a3a83c4d849b590d57cbd81b54c fe751e9af8bab223272979ec46e3a851ce8bb2e2 c08690f8a0b04ff72737a9c7ffec270d00e9f243b6a87bc5875c2d257e65dbd1 Loading...

	www.financescam.com/wp-content/plugins/wpforms/assets/js/frontend/fields/address.min.js?ver=1.9.5.2	ScriptElement	1.1 kB	2025-05-05	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/wpforms/assets/js/frontend/fields/address.min.js?ver=1.9.5.2 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-05 06:25 Last Seen2025-05-14 18:22 Times Seen29 Hash c54a7248e09385cfa16034fa61edc33b 5a0aecefdc4fc853d3a225a66800ec8c0aafeed7 9703f80cb4ec3bab20d140ac954244ae5d0873522d248aca292464d064d87e07 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	owlcarousel2.github.io/OwlCarousel2/assets/vendors/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-05-14
Pretty URL owlcarousel2.github.io/OwlCarousel2/assets/vendors/jquery.min.js IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-14 19:58 Times Seen57701 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	www.financescam.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.28.4	ScriptElement	24 kB	2025-05-06	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.28.4 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-06 10:58 Last Seen2025-05-14 19:25 Times Seen62 Hash a0a6e785713b13ab4e193b8ac36ab358 85f1266419c16312e7489063e929d3d688922d24 e21ccbe8f67343aec13c829ffd984d42d043fec9fec35b53155651c1ba676b1b Loading...

	www.financescam.com/legal/	ScriptElement	3.4 kB	2023-11-08	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 10:55 Last Seen2025-05-14 20:00 Times Seen3962 Hash 614e80cfcb8958d8f3ab6beafbbb9e48 5e406a7be52157a25b9b0a4c2cc645113591bcff 181a79c0aee45e874e4ecce90405258b38358c6ac633069d0369fe8f0b2a8bf3 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash d2a884b8acc842700d66dbe5d3ca15c1 0b3982b0fcdfd55f231cbce2b29cd30dd6ca2e1f 6c1899f8d60ff8169bbcb50934ee84dce1fc0df897097adbf1540822e7950dd4 Loading...

	www.financescam.com/legal/	ScriptElement	120 B	2025-05-14	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 6c81fce52d5eba643fc7e7b9550c77e6 fe9ed714e7d1f7a960e4dc3382cc850cb21c00c8 dd7fed6ef2723157c1bb101d8b9de96739cc5e508d36a93d13a9f3899a6be893 Loading...

	www.financescam.com/legal/	ScriptElement	924 B	2025-05-14	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 275d7d62e91920914d3d084972305f57 79c3176128ad747bd4698a3bcfce2a22b6f373f7 73bf0bd41a403274178ce1dd56e2ef11bab2a327d97e7b53ccbbac49902836ad Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.1 kB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:26 Times Seen2 Hash 099ad63e78099d685170b1c55ddc417d 7e97cb4c158a57ecfa3140e7755380683ab0afe6 4afa55ba46df6d674fe1f4e41d707aa986e0ebe23b9b560a680611643ec2683b Loading...

	about:blank	ScriptElement	236 B	2025-05-14	2025-05-14
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 8a6eca2def5592917f67fdedc36df8f3 82cdbc26edad184421d0cd6a5de149328f362a4a 48d8db8e974b4221dbf8caa63381b4c7928b35dc5ba77c3e2d132921da222a1c Loading...

	www.financescam.com/legal/	ScriptElement	94 B	2023-11-08	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 00:42 Last Seen2025-05-14 20:35 Times Seen17425 Hash 02d7d8402b7ddb8e6fe47f2a35071e8d 174b5a8fe0ecdfa989fbf40f3ecd51f1d0117693 8a96c1a0a8b1c2a8eab8adfa21634b7f2c4226f6bc5322df1ab7efc4f1f1af7f Loading...

	www.financescam.com/wp-content/plugins/elementor/assets/js/text-editor.c084ef86600b6f11690d.bundle.min.js	ScriptElement	1.4 kB	2025-04-22	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/elementor/assets/js/text-editor.c084ef86600b6f11690d.bundle.min.js IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 14:30 Last Seen2025-05-14 19:25 Times Seen487 Hash fbb46d042cbaa297715281b405d27de6 70af55fa0359c6711e1ea78fa175ea13814eab5e 6d80dffc8d3a897c2eb4e7bc77b8906c9ad45a7484b6a962173959c9f72d8fbf Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	www.financescam.com/legal/	ScriptElement	1.3 kB	2025-05-14	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash e06649505701dd9436ff9c9788ddfae8 693eb20665512618af4165ff256076c09e7215e0 a83f7cda3c841eef9ab9baf9b28ddf9e914b3634fe7a310504e295716aa8bb42 Loading...

	www.financescam.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.2.1	ScriptElement	24 kB	2023-11-22	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.2.1 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-22 22:20 Last Seen2025-05-14 20:06 Times Seen4725 Hash 9e7c898d1649315173db5d2d8730fb75 364a6836a90b28329404b7d7f58a524861ef63f5 f9b60ae2f2938c589960ef00d9b9a644f0847f7183f597cdc3fbf8cfe904c552 Loading...

	www.financescam.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3	ScriptElement	22 kB	2025-04-15	2025-05-14
Pretty URL www.financescam.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-15 23:53 Last Seen2025-05-14 21:11 Times Seen1384 Hash da215ae12b95b3aeeb2047667016c7f8 480a7087aa74b5b47c47f05a11670e823a3ae4c0 699210a5ed06e497b4730ec83bb65ac4c2269ae4a0ee8af3f24aae7ee5b66b76 Loading...

	www.financescam.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.28.4	ScriptElement	44 kB	2025-04-22	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.28.4 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 14:30 Last Seen2025-05-14 19:25 Times Seen628 Hash a8d69da81f6fc6691d1de30ae4cf4a5f bc595ccd13214fd8acbef1aa5e389dbff1c0acf8 85b6b8c36b34a35aa2c3180baa5f3ad249379206dd297b48c5d249c6a4025206 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	ScriptElement	4.6 kB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash a972048683884c5dcdc9674da4a9ee91 9351f28f1f638ca9ef42d9e62b3a440dba6a404b 0f484caef2f35e757538c5d9031ab3c1f613ac6cf9456ac0da070df3cb757eef Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	www.financescam.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	14 kB	2023-05-09	2025-05-14
Pretty URL www.financescam.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-05-14 21:16 Times Seen107056 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	www.financescam.com/legal/	ScriptElement	2.7 kB	2025-05-14	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash b4faa9e306a10cf1888fb1fa57c70a74 e11385c54323c704a61fc39c4644d300bdbb1025 a93a4e98091828937f998390c177c1afaa0e2c25ef45f30a3684fd1b5b06d9a2 Loading...

	www.financescam.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.28.4	ScriptElement	6.3 kB	2025-05-06	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.28.4 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-06 10:58 Last Seen2025-05-14 19:25 Times Seen62 Hash 706e4597d9871a9237a5f634bdd8726f 9dca4d973cdbcdfabcabeb2672a4cad50b3109da a0985cfb51555fd37a270d7c1fae611a1b500b0d1cb7c06279b80916e1df898f Loading...

	www.financescam.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.28.4	ScriptElement	45 kB	2025-05-06	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.28.4 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-06 10:58 Last Seen2025-05-14 19:25 Times Seen62 Hash 3a11a2f72761b93d8d453d3681ba3947 4e5b7e8e49f3799ba459137c933fc933b0016cae bc669c112975fb8b076774eba29914a37d28d43a4e418c083be917b51f730efb Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	www.financescam.com/legal/	ScriptElement	1.6 kB	2024-12-05	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-05 13:59 Last Seen2025-05-14 18:22 Times Seen3 Hash 0bcd5191bf6cf100d152adfdcba0a968 8165faf00de6749c0353d7110c49484ca70aee17 a5153dbf8d3fdc117d757ecffa2c01a7ad36900ae59c7e7a9c7d316ec7a76c2e Loading...

	www.financescam.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.4 kB	2025-05-14	2025-05-14
Pretty URL www.financescam.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 19:15 Times Seen2 Hash f2b391f712a75d91580288e90497b042 6d762ec1368e1888376c08309f7d94b3998a3f67 8c8c48d1b4f4b4afb81de65f03af6dbaebf448c7831ebd1b0029ec889430a9db Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 3f71d17ea28f12202802246848ebc72f f99f5f50d9dca346e7f664c04081afc6f0a7bce5 d3572757881556f2e0190fc23a78601f6656579b3d4b379255462bdc7c9b8e61 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash be196cf459b7631f8c82be13cec33094 34a3d9070399bd1a72856d2f1c62d8b6d3ea2272 3ee5f5333d37bf56d2d4a4e939e9ffb10163843d8227e043c656e93e64412e0d Loading...

	www.financescam.com/wp-content/plugins/link-whisper-premium/js/frontend.min.js?ver=1746783846	ScriptElement	4.7 kB	2024-07-08	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/link-whisper-premium/js/frontend.min.js?ver=1746783846 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-08 18:05 Last Seen2025-05-14 18:22 Times Seen252 Hash d9a30605c441336d4af052e900000fb8 e563d2aa3411154291aa305b4912155259e3e72c 51961b2c0bdbfaa3f8cb21e59d2ae04e029c44edd84d95e8fb4b67ca55e26b8c Loading...

	www.financescam.com/legal/	ScriptElement	4.3 kB	2025-05-14	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 410d4231072ed45d16d807a3aaec3454 2384235af21f7c876a91f426c0b8da6a8a5a6968 7471e037b5cdfd0b45811cb2c3c9b078dd77d07dcb3d48879e0308e32c0f92e7 Loading...

	www.financescam.com/wp-content/plugins/wpforms/assets/lib/mailcheck.min.js?ver=1.1.2	ScriptElement	4.0 kB	2023-03-07	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/wpforms/assets/lib/mailcheck.min.js?ver=1.1.2 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33 Last Seen2025-05-14 18:22 Times Seen1999 Hash 84cdf2af726ea0ad5c67b7ec6479e363 bba43108f022eaa28a7637c1ed7b7cb287d1691d 8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 51be2e58637e3f6500b7f10ba9670b65 62ceee6f472441c2d9957773fff0bce1c552f05c cefc1be5ad2b37ce349d366428cacdbe0ef256c86143a29d34b4b7716127f83b Loading...

	www.financescam.com/wp-content/plugins/breeze/assets/js/js-front-end/breeze-prefetch-links.min.js?ver=2.2.10	ScriptElement	1.4 kB	2025-05-06	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/breeze/assets/js/js-front-end/breeze-prefetch-links.min.js?ver=2.2.10 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-06 13:42 Last Seen2025-05-14 19:25 Times Seen5 Hash c2db6af18130626895809849cec278a9 74a9f7fd35d36105d67290cf31a95cb0507eae37 bade9191996ed64020bc4ef37dba4490653e2bdbeaab88effc080b61735d97ae Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen369745 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-14	2025-05-14
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash 9e0fc6c4b669585af5f907eb71bc4b92 cdcfb2c3e242ea56f55506e8e03b5558a2c5e795 d4b674a984b9e77302b074ac555ded4fe7a8bf886ae4daa415b5554e781b57d2 Loading...

	cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js?ver=2.3.4	ScriptElement	44 kB	2023-03-07	2025-05-14
Pretty URL cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js?ver=2.3.4 IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-14 19:21 Times Seen13450 Hash f416f9031fef25ae25ba9756e3eb6978 e2a600e433df72b4cfde93d7880e3114917a3cbe a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Loading...

	www.financescam.com/legal/	ScriptElement	921 B	2025-05-14	2025-05-14
Pretty URL www.financescam.com/legal/ IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-14 18:22 Last Seen2025-05-14 18:22 Times Seen1 Hash e401838bcb43a3ec51dd2598fd926326 1875ac000c9fb41874c7e4a7029259dad1eb1520 0c455599c60d0278e455fe603a5cbb32077f7eb979b5707b2809e957b4de4a7e Loading...

	www.financescam.com/wp-content/plugins/wpforms/assets/js/frontend/wpforms.min.js?ver=1.9.5.2	ScriptElement	48 kB	2025-05-05	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/wpforms/assets/js/frontend/wpforms.min.js?ver=1.9.5.2 IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-05 06:25 Last Seen2025-05-14 18:22 Times Seen29 Hash 1d67e1d3af0c49cb9eab3fb5a23badb1 b50b1a40308e0b5079766a8bd169fa41df8c8b31 d7bf5af63f5bb1472feaa293081c74058ac6f9f4ee4ed1fedb9022b2cfdffa19 Loading...

	www.financescam.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.a23fbd67486c5bedf26c.bundle.min.js	ScriptElement	5.3 kB	2025-05-06	2025-05-14
Pretty URL www.financescam.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.a23fbd67486c5bedf26c.bundle.min.js IP 104.26.9.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-06 13:00 Last Seen2025-05-14 19:25 Times Seen37 Hash 478fc25b9637d1406c639dde4dffff29 ae3211fbb7d4ae5de7769e970da8ea314fad6618 54364b2c25e5f5e592b8b6184c749f085f024d96ae27f1cdad3472060c32c307 Loading...

		Size	First Seen	Last Seen
	#1 Write - 086707e4369f60afedcafb16050a7618	39 B	2023-03-07 01:03	2025-05-14 21:17
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-14 21:17 Times Seen58424 Hash 086707e4369f60afedcafb16050a7618 8216b0cc6876cbd44f01c158e7dff3833ceccd41 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Loading...

HTTP Transactions (93)

URL IP Response Size

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/93fc6b5b1c2956be/1747246929630/ef1273e84fbc31cc10b4c98f13b92a6f3408d239d664bcd1c791462b89945975/ltv0ri66KaGECjK

104.18.95.41

401 Unauthorized

1 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/93fc6b5b1c2956be/1747246929630/ef1273e84fbc31cc10b4c98f13b92a6f3408d239d664bcd1c791462b89945975/ltv0ri66KaGECjK
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/93fc6b5b1c2956be/1747246929630/ef1273e84fbc31cc10b4c98f13b92a6f3408d239d664bcd1c791462b89945975/ltv0ri66KaGECjK HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 401 Unauthorized
date: Wed, 14 May 2025 18:22:12 GMT
content-type: text/plain; charset=utf-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g7xJz6E-8McwQtMmPE7kqbzQI0jnWZLzRx5FGK4mUWXUAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIO8Sc-hPvDHMELTJjxO5Km80CNI51mS80ceRRiuJlFl1ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIO8Sc-hPvDHMELTJjxO5Km80CNI51mS80ceRRiuJlFl1ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1r6z50Qwapjvi7gKQBPiehOkJb40cvj8RgN_zo7Ag1Zt0ItIZ08z6yBoyxcQd_a3O1eJagQvs0q2WZqQcXhBy3zBsvQBUQF8QxmVXDj3rgtzSqQSahQmiLHDl8Bcv0QZEdy4zOIIyDuI5UyRXhX7XZGrCVD8CZ90xBA5BKM69472-2BHpBla9Lbeh9YUrkZ5O98MUI_u6VEapusnXAf_lwrQA8tyF-9S11SxHG6uu9ywb9GCpVeaxdoonr9TgwPU5JgXSFuW_Ow1I_O2alIJcGt4Lb8SBKG-hKMrnxnwzFPje27Rczkpqu7PtgYXJvH_uDRKG-nqq_rghxAOH_kchwIDAQAB", max-age=20
priority: u=4,i=?0
server: cloudflare
cf-ray: 93fc6b72dab556be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

www.financescam.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.28.4

104.26.9.7

200 OK

5.4 kB

URL GET
www.financescam.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.28.4
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (5367)
Size
5.4 kB (5407 bytes)
Hash
cfc90a4513123659d28c6b135d35e37f
414e0ba207f3f8c3f121407103573f88683e404f
4de4355c4f34101a88659f6aed0f83d4a01b6896448ef70b5eb8b859351a12d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.28.4 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f18400b3d-OSL
last-modified: Wed, 23 Apr 2025 16:18:09 GMT
vary: Accept-Encoding
etag: W/"680912c1-151f"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r9EggLIbr9dVA2WQGuTsZT6ol%2BdTdLeaVqyVIyWFp7SyBg%2BnBmcz35gpsJ%2FuYR9Tsk3HCs3ggD4QQ4eGWJ%2FY48Pjii6E1aFAg8McFr48mjR4yVA1%2B%2B%2FB%2FUWIJ%2FXzwb9zpMMh5%2BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2067&min_rtt=807&rtt_var=1774&sent=213&recv=81&lost=0&retrans=0&sent_bytes=183032&recv_bytes=18861&delivery_rate=1019262&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=622&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/wpforms/assets/lib/mailcheck.min.js?ver=1.1.2

104.26.9.7

200 OK

4.0 kB

URL GET
www.financescam.com/wp-content/plugins/wpforms/assets/lib/mailcheck.min.js?ver=1.1.2
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (4014), with no line terminators
Size
4.0 kB (4014 bytes)
Hash
84cdf2af726ea0ad5c67b7ec6479e363
bba43108f022eaa28a7637c1ed7b7cb287d1691d
8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms/assets/lib/mailcheck.min.js?ver=1.1.2 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f285b0b3d-OSL
last-modified: Fri, 09 May 2025 09:44:22 GMT
vary: Accept-Encoding
etag: W/"681dce76-fae"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vkmocEsUc%2BXBjH2yt7sAm9Iz%2FTYd0iGoCwN%2BlISKb5uDFLvZ6Ag8zdm9%2BLRJcfxlaNok4WOEvIFbi8wVbAgj4qnx7Md6Uq5Yp6bRW0guXXJ%2F8zJyup98M6z4mLLCwGvIzZVG33E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1879&min_rtt=807&rtt_var=1320&sent=217&recv=83&lost=0&retrans=0&sent_bytes=186253&recv_bytes=18959&delivery_rate=2940953&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=625&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/wpforms/assets/lib/punycode.min.js?ver=1.0.0

104.26.9.7

200 OK

1.7 kB

URL GET
www.financescam.com/wp-content/plugins/wpforms/assets/lib/punycode.min.js?ver=1.0.0
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (1713), with no line terminators
Size
1.7 kB (1713 bytes)
Hash
23b0d9051790b4a386f66ff1836815bc
0dc76a6bcad4bdce1b88ec6e68215733c97fc520
69a15ba379260f131f7dfa2a5414cbdc48db661ac21d696773c7e67259255ca1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms/assets/lib/punycode.min.js?ver=1.0.0 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f285c0b3d-OSL
last-modified: Fri, 09 May 2025 09:44:22 GMT
vary: Accept-Encoding
etag: W/"681dce76-6b1"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wRKffFW536FKlke45QhrkAILU7rSvQBPyzFL4racFyUx9kyWz5X6vXGEoljkBT5z7BgLG%2FzXUvn41uQr%2BDiNOgKonEWbug5KEhjpXIR%2F42oGc2nz0FgT1RI0o6aaw3r3wXVu7ZU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1812&min_rtt=807&rtt_var=1124&sent=245&recv=84&lost=0&retrans=0&sent_bytes=215683&recv_bytes=19009&delivery_rate=7160362&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=639&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/wpforms/assets/js/frontend/wpforms-modern.min.js?ver=1.9.5.2

104.26.9.7

200 OK

6.0 kB

URL GET
www.financescam.com/wp-content/plugins/wpforms/assets/js/frontend/wpforms-modern.min.js?ver=1.9.5.2
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (6015), with no line terminators
Size
6.0 kB (6015 bytes)
Hash
1972c2d031b962cbbcdd8688c3c74af2
bd1c1ec00899c040fd20c4612feea0d13bb3bd1e
f28091c06dd85fda867324dfd47f649719b334f543a8ab1c1ddc40e62f778b9f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms/assets/js/frontend/wpforms-modern.min.js?ver=1.9.5.2 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f286a0b3d-OSL
last-modified: Fri, 09 May 2025 09:44:21 GMT
vary: Accept-Encoding
etag: W/"681dce75-177f"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAQLaz3fuPECoSVjNT28id7Y5ITnu8E5iWUpsdkxuoZ6%2B4c3y3V%2BxAU689P1ClehOEACUiqWQhbj%2BIgo6EG8fAiib3hQfLMqazzmK7GVTPsCP0utq6wf4NXML%2Bx0KDrOoqEwOU0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1804&min_rtt=593&rtt_var=518&sent=523&recv=105&lost=0&retrans=1&sent_bytes=530624&recv_bytes=21438&delivery_rate=1855158&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=842&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/wpforms/assets/js/frontend/fields/address.min.js?ver=1.9.5.2

104.26.9.7

200 OK

1.1 kB

URL GET
www.financescam.com/wp-content/plugins/wpforms/assets/js/frontend/fields/address.min.js?ver=1.9.5.2
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (1064), with no line terminators
Size
1.1 kB (1064 bytes)
Hash
c54a7248e09385cfa16034fa61edc33b
5a0aecefdc4fc853d3a225a66800ec8c0aafeed7
9703f80cb4ec3bab20d140ac954244ae5d0873522d248aca292464d064d87e07

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms/assets/js/frontend/fields/address.min.js?ver=1.9.5.2 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f38790b3d-OSL
last-modified: Fri, 09 May 2025 09:44:21 GMT
vary: Accept-Encoding
etag: W/"681dce75-428"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JZalLh%2FBU1mevH8BYc7j0VSWtrMB38QfJOXpL4yzS6ULvL4PQxNZ3NdskjNgpYNmfD6r52eG0eV4QrYDPnSIVrWuJlUO2R61SYOl58TOoNxGhZzp4WaaPe%2BxlKHCkJYnUE0m3aA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1939&min_rtt=593&rtt_var=862&sent=590&recv=112&lost=0&retrans=1&sent_bytes=603641&recv_bytes=21761&delivery_rate=6123699&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=869&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/elementor/assets/css/widget-image.min.css?ver=3.28.4

104.26.9.7

200 OK

254 B

URL GET
www.financescam.com/wp-content/plugins/elementor/assets/css/widget-image.min.css?ver=3.28.4
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text
Size
254 B (254 bytes)
Hash
0f526d3726068e0d6db65140d5db1a44
a60a7f2def3356f250bdc11423a9a363c8d92c38
65944c1207d6c5a0dcaa657a01e0cf063d24c8d37fcf48a8895ae408fa8784c5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/widget-image.min.css?ver=3.28.4 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d1d490b3d-OSL
last-modified: Wed, 23 Apr 2025 16:18:09 GMT
vary: Accept-Encoding
etag: W/"680912c1-fe"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gJHLFf7BzPmJCScrOHfEHVbhsvXxuptNA1LyPxeTxoXnDlj9dA0ei0XM1qnZwpRDPSPjNbWcwnEgFj96JDkczeLWkOLj2ECEZiRag9J77hdYwONGBz%2BIV6ccGgyvDzW8RmKCAV0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3573&min_rtt=2653&rtt_var=1652&sent=22&recv=29&lost=0&retrans=0&sent_bytes=4414&recv_bytes=10011&delivery_rate=241899&cwnd=12000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=313&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/uploads/elementor/css/post-90125.css?ver=1747174331

104.26.9.7

200 OK

27 kB

URL GET
www.financescam.com/wp-content/uploads/elementor/css/post-90125.css?ver=1747174331
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text, with very long lines (26419)
Size
27 kB (26600 bytes)
Hash
3ff81b60896d23848e472ae6b101f25f
e97feb118913aa7b93bf0b6f154d5c87e810f6dd
3755d44898531f1c1083586b8598d4e79b9f72d6336101394c5cf508bf18711e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-90125.css?ver=1747174331 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d2d6e0b3d-OSL
last-modified: Tue, 13 May 2025 22:12:11 GMT
vary: Accept-Encoding
etag: W/"6823c3bb-67e8"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nQvajsTQ2X5QUNNa8huxqk8fjjnToSof9GpBMJ2FXb2uvwTopdIm7HgYup7dO6IYj1nEXOElAqz5hYx1Os9AMPvq6KeQJ9oH9RzpRu5o5REYwxQTiJEyjASknQu%2BPdjyIMYB1qY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1451&min_rtt=807&rtt_var=614&sent=151&recv=74&lost=0&retrans=0&sent_bytes=120164&recv_bytes=18521&delivery_rate=1110438&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=536&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/searchwp-live-ajax-search/assets/styles/style.css?ver=1.8.5

104.26.9.7

200 OK

2.6 kB

URL GET
www.financescam.com/wp-content/plugins/searchwp-live-ajax-search/assets/styles/style.css?ver=1.8.5
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text
Size
2.6 kB (2556 bytes)
Hash
40109b27fc879a7bf8716e07c3d6545f
f194b403b15a1fec98f14745ddefab0e947f37a7
0e4cf1221e57f04cdbe091d45b6a23e447ba939c58291786f9b9b0aee6c9183c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/searchwp-live-ajax-search/assets/styles/style.css?ver=1.8.5 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d3d7f0b3d-OSL
last-modified: Tue, 25 Feb 2025 22:58:43 GMT
vary: Accept-Encoding
etag: W/"67be4b23-9fc"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a8cdsZGjd2iUJ5Tw%2BFNFlSRD5psqrq%2BWcj5ehe2h2%2FFoFn%2ByZWWsWyEVFdPcXhDnOVIpG5y1yn7NcTvji3q0eCO%2FdFTl3VdPE2gDt4Tp1GTP%2BjUVyKCzwW%2F3649mYIQjfrLc1gc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2582&min_rtt=1144&rtt_var=1516&sent=37&recv=35&lost=0&retrans=0&sent_bytes=15958&recv_bytes=10269&delivery_rate=3839689&cwnd=12000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=335&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/uploads/2024/05/cropped-Asset-7-8-1-32x32.png

104.26.9.7

200 OK

446 B

URL GET
www.financescam.com/wp-content/uploads/2024/05/cropped-Asset-7-8-1-32x32.png
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
RIFF (little-endian) data, Web/P image
Size
446 B (446 bytes)
Hash
aec80be285cf3e8c0244658bf051147c
d44ec0e70bbe746d8894acde122c7a95f7a84bea
43a41c0ad878827ae3e7fc48f960071ceac375e2f0b302ffaadec5bd9ef4b2b7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/05/cropped-Asset-7-8-1-32x32.png HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Cookie: _ga_2XDSQEPGRY=GS2.1.s1747246928$o1$g0$t1747246928$j0$l0$h0; _ga=GA1.1.1545096040.1747246929
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:09 GMT
content-type: image/webp
content-length: 446
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b59881e0b3d-OSL
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=764
content-disposition: inline; filename="cropped-Asset-7-8-1-32x32.webp"
vary: Accept
etag: "677bd137-2fc"
last-modified: Mon, 06 Jan 2025 12:48:55 GMT
cf-cache-status: HIT
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1jp9w9DcYdvseWB2dzOCFIHWVuQFqXwuLKyRyWCCoUgep6ReEZGOwMp3pIwiPb%2BxAA8qsP1T%2Fm3vKpVGU1hlGbhwio%2BwrZrGaGw7k44vWJXTVSyyaezv1ak4XaEQgV%2BTMuBX4YY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1390&min_rtt=593&rtt_var=636&sent=839&recv=155&lost=0&retrans=1&sent_bytes=867251&recv_bytes=38622&delivery_rate=29330&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=2501&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/uploads/elementor/css/post-6.css?ver=1747174332

104.26.9.7

200 OK

1.2 kB

URL GET
www.financescam.com/wp-content/uploads/elementor/css/post-6.css?ver=1747174332
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text, with very long lines (1229), with no line terminators
Size
1.2 kB (1229 bytes)
Hash
739945fff2c08dae5b19fd04eb980fb9
519f80ac2246321a952deff45122198a08a253c3
b62ff51e63ea7b9463ef68ce8e43c4bed081bd98fd261a333a3b24fe8c3ca54c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-6.css?ver=1747174332 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d2d5e0b3d-OSL
last-modified: Tue, 13 May 2025 22:12:12 GMT
vary: Accept-Encoding
etag: W/"6823c3bc-4cd"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ieE7%2FLhhhGbNHDjtiYDHbutGe%2BksutjQ9OXY9ljIYWNGH0U9%2FDmqXCJBsXwHK1MphGr9WaKNck3L8qkbTvsi8qqx4vLu98mDVUzQ43YDamFzSHh6nm6NCvE9z5jKWQ2uWp9np%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1743&min_rtt=807&rtt_var=792&sent=139&recv=70&lost=0&retrans=0&sent_bytes=111678&recv_bytes=18335&delivery_rate=1152138&cwnd=24000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=521&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/uploads/elementor/google-fonts/css/robotoslab.css?ver=1745146312

104.26.9.7

200 OK

25 kB

URL GET
www.financescam.com/wp-content/uploads/elementor/google-fonts/css/robotoslab.css?ver=1745146312
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text
Size
25 kB (25200 bytes)
Hash
9ccccbe91b2be6f5f846d1fb10ea1dee
5a6a38960ea87c24aef165f565d5a68bc0f24e9d
c0586be9ec9b952625eb8b6c9bd515d4787e21d7aad6b14c92b638b6e8b7235b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/google-fonts/css/robotoslab.css?ver=1745146312 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d3d890b3d-OSL
last-modified: Sun, 20 Apr 2025 10:51:52 GMT
vary: Accept-Encoding
etag: W/"6804d1c8-6270"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bREzlLYv2WMInW8FejvpssnVwt6TNosnJdYshgov8FRR9ROrpf7Br1qlx84ULVqt0nCWmaziYQmaIf14fhQtcSjFiihR2TdnHLNgG%2B6HX%2BgMtHITkbZ%2BipuPi1xaYmAHEpU3ECI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1451&min_rtt=807&rtt_var=614&sent=161&recv=74&lost=0&retrans=0&sent_bytes=130220&recv_bytes=18521&delivery_rate=1110438&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=538&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6

104.26.9.7

200 OK

9.1 kB

URL GET
www.financescam.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
data
Size
9.1 kB (9141 bytes)
Hash
a8127c1a87bb4f99edbeec7c37311dcd
9997a1745f48bdd233dbe9bd8164daa53eba105b
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f18470b3d-OSL
last-modified: Mon, 06 Jan 2025 12:56:50 GMT
vary: Accept-Encoding
etag: W/"677bd312-23b5"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cyZvDeLmqz0%2BGpPs8QkqaNfnH%2FvWl3y2cSBmgWv1IfwENI8OR1SNuAky%2B81bqDaQUL3DdyrSsq3368fpgFxzzEpzy2PpaRh%2B4TcJIBnfg%2BPSgtDxHscT17223vvUeETbMk2gX%2BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2130&min_rtt=593&rtt_var=978&sent=581&recv=110&lost=0&retrans=1&sent_bytes=594429&recv_bytes=21666&delivery_rate=1611165&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=865&x=1", cfExtPri, cfHdrFlush;dur=0

www.googletagmanager.com/gtag/js?id=G-2XDSQEPGRY&cx=c&gtm=453e55d0za204&tag_exp=101509156~103116025~103130495~103130497~103200001~103207802~103233424~103252644~103252646~103263073~103301114~103301116

142.250.74.168

200 OK

383 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-2XDSQEPGRY&cx=c&gtm=453e55d0za204&tag_exp=101509156~103116025~103130495~103130497~103200001~103207802~103233424~103252644~103252646~103263073~103301114~103301116
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint02:7D:56:C0:B9:20:0C:27:A4:AC:B9:8F:9D:45:1D:85:2A:30:50:AD
ValidityMon, 21 Apr 2025 08:40:41 GMT - Mon, 14 Jul 2025 08:40:40 GMT

File type
JavaScript source, ASCII text, with very long lines (6125)
Size
383 kB (383128 bytes)
Hash
5ad42c87bcbcf3db2fa73fb73e88a1e6
2e3ead3240f70c76b36f474b0af7d37af89cb79c
5d3c98b2443ffcf9af4075c8a29eedfbf7363ffc168f5920fb2e738adabaf158

HTTP Headers

GET /gtag/js?id=G-2XDSQEPGRY&cx=c&gtm=453e55d0za204&tag_exp=101509156~103116025~103130495~103130497~103200001~103207802~103233424~103252644~103252646~103263073~103301114~103301116 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 14 May 2025 18:22:08 GMT
expires: Wed, 14 May 2025 18:22:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
server: Google Tag Manager
content-length: 128301
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/

104.18.95.41

200 OK

28 kB

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
HTML document, ASCII text, with very long lines (22245)
Size
28 kB (27997 bytes)
Hash
309fe9990517e9a147b8f854d120d8cd
07fbb7910838f3a75d5099df1efe38d8c65e5355
f62cf130c678f196e79e9483507d6028423bdf49ccff43cc335e8f6d0551619b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:09 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: default-src 'none'; script-src 'nonce-r4fKHeTTwZAvlqq3' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 93fc6b5b1c2956be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/93fc6b5b1c2956be/1747246929621/FSJeNZ_mte5vlAI

104.18.95.41

200 OK

413 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/93fc6b5b1c2956be/1747246929621/FSJeNZ_mte5vlAI
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
PNG image data, 12 x 95, 8-bit/color RGBA, non-interlaced
Size
413 B (413 bytes)
Hash
43a55b21e98b48088a58e27b50af9314
eb2b6d7c88d9849b7ee0bc83a2e6f8536ac84f55
f15f075c245093a98a35e55d932d55223e66931c60e874b1420ff2bdda199bb8

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/d/93fc6b5b1c2956be/1747246929621/FSJeNZ_mte5vlAI HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:11 GMT
content-type: image/png
content-length: 413
priority: u=4,i=?0
server: cloudflare
cf-ray: 93fc6b692f2856be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

www.financescam.com/wp-content/plugins/foxiz-core/assets/core.js?ver=2.6.1

104.26.9.7

200 OK

14 kB

URL GET
www.financescam.com/wp-content/plugins/foxiz-core/assets/core.js?ver=2.6.1
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
14 kB (13575 bytes)
Hash
190c43b1f3337463ec7b0f9bb52858c7
3f7c71944d6f503fc5d8455ef540c82099ed3a3c
c1cbb4f9664d82ef6c56d07a12e1c7c9448b224c74aea34ef68903267a162eb4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/foxiz-core/assets/core.js?ver=2.6.1 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f081d0b3d-OSL
last-modified: Thu, 10 Apr 2025 11:35:05 GMT
vary: Accept-Encoding
etag: W/"67f7ace9-3507"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4WiuOnFQd%2FsXZoRbce6hVm8t19Wwxo79cVvU4TQqwLWwuEGxu4DbGyHjZdkklRALPzeixGaNPvuQvFXKNy7udE4oRSTf30%2B520pzPDpM5n4jmWOdJgQqHsn7P8Z35d%2FEx0uVxf4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1891&min_rtt=593&rtt_var=677&sent=491&recv=103&lost=0&retrans=1&sent_bytes=495390&recv_bytes=21346&delivery_rate=3322568&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=832&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.28.4

104.26.9.7

200 OK

24 kB

URL GET
www.financescam.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.28.4
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (24166)
Size
24 kB (24210 bytes)
Hash
a0a6e785713b13ab4e193b8ac36ab358
85f1266419c16312e7489063e929d3d688922d24
e21ccbe8f67343aec13c829ffd984d42d043fec9fec35b53155651c1ba676b1b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.28.4 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f18490b3d-OSL
last-modified: Tue, 06 May 2025 14:59:56 GMT
vary: Accept-Encoding
etag: W/"681a23ec-5e92"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gKmRL%2Ff7%2BCfoXmERGkhNhsculskJSCxQu21y%2Bx2GuVsRQqP32UpmeoV%2B8H26jfxkOpeuZiJrrQsd80PlLCJa8z7zvjjNmZon%2FDKgmnMw9hYo5f%2BInMOQrfgh9sNKy0cbQxdoknk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1879&min_rtt=807&rtt_var=1320&sent=221&recv=83&lost=0&retrans=0&sent_bytes=189915&recv_bytes=18959&delivery_rate=2940953&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=626&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/wpforms/assets/lib/jquery.validate.min.js?ver=1.21.0

104.26.9.7

200 OK

25 kB

URL GET
www.financescam.com/wp-content/plugins/wpforms/assets/lib/jquery.validate.min.js?ver=1.21.0
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (25168)
Size
25 kB (25308 bytes)
Hash
9152a2ca7c22170d57da0b724782d17d
33f17178d9b71ce26cff40ff4e46a2ff92af1326
607426a3217b1ed9f5cc7c637e7306fde073a1f34a4126704340c0e98b48a43e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms/assets/lib/jquery.validate.min.js?ver=1.21.0 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f28590b3d-OSL
last-modified: Fri, 09 May 2025 09:44:22 GMT
vary: Accept-Encoding
etag: W/"681dce76-62dc"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9UaM4G2ZWr6ejKwheMWgpQbXr%2BbWKx8w0iL7i0UJURmLCU7UN3zuPtfi6xHS5eYucipwS9WqhXfPsNV3Lu7zKv88RpOhGePhCfUoDyLLqjKu1FoZ%2BPjej5IpJZ4hh5wWqaDi2pU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1742&min_rtt=593&rtt_var=392&sent=540&recv=107&lost=0&retrans=1&sent_bytes=547948&recv_bytes=21528&delivery_rate=2789287&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=851&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/themes/financescam/js/custom.js?ver=1.0

104.26.9.7

404 Not Found

180 kB

URL GET
www.financescam.com/wp-content/themes/financescam/js/custom.js?ver=1.0
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8856)
Size
180 kB (180104 bytes)
Hash
50f8f9c35a581ee5b12ca9fcaccf6878
b1967ef8285765e011b517aca4f240b387895c76
e1f7993b4fb404e43f4121bb28a6e9ebbe361919bd8e73f976e9f65824a9adb0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/financescam/js/custom.js?ver=1.0 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/html; charset=UTF-8
cf-ray: 93fc6b4f08280b3d-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cf-edge-cache: cache,platform=wordpress
expires: Wed, 11 Jan 1984 05:00:00 GMT
x-cache: HIT
cache-control: max-age=43200
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F94qgo343VjCsyzI1pr1nWw12qEhSelJthA7mIWDR23jf7XYwXC%2FzPosmbw7DfNAgtdvQZ1yeTVCHV8sU1Obg2txfvLqdwSt6ht628DOPByzPxU09ccWfmtjDnUjPRngcYMIcwI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1755&min_rtt=807&rtt_var=958&sent=248&recv=85&lost=0&retrans=0&sent_bytes=217330&recv_bytes=19060&delivery_rate=793008&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=646&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/wpforms/assets/js/frontend/wpforms.min.js?ver=1.9.5.2

104.26.9.7

200 OK

48 kB

URL GET
www.financescam.com/wp-content/plugins/wpforms/assets/js/frontend/wpforms.min.js?ver=1.9.5.2
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (46018)
Size
48 kB (48079 bytes)
Hash
1d67e1d3af0c49cb9eab3fb5a23badb1
b50b1a40308e0b5079766a8bd169fa41df8c8b31
d7bf5af63f5bb1472feaa293081c74058ac6f9f4ee4ed1fedb9022b2cfdffa19

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms/assets/js/frontend/wpforms.min.js?ver=1.9.5.2 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f28680b3d-OSL
last-modified: Fri, 09 May 2025 09:44:21 GMT
vary: Accept-Encoding
etag: W/"681dce75-bbcf"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fI3rSOTcX18EpYP0QyU5nTWxW0KmqvIZg9ZwccHuP6xPohEOiMxXzQqfhDNpALibpXj5bKG%2FLJ%2Ff9ib2ZaHnA7kNTcVkutrGu79kFbz79yC5z0svYbL5ed4Ttw2dQxCdPRKHTD8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1742&min_rtt=593&rtt_var=392&sent=533&recv=107&lost=0&retrans=1&sent_bytes=539953&recv_bytes=21528&delivery_rate=2789287&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=851&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/cdn-cgi/challenge-platform/h/g/jsd/r/0.2511082795259449:1747246308:ze5-55mybJn2ZFSfniEQq6EwaWm-jGBHuPg_jcv2kmo/93fc6b4978d9569a

104.26.9.7

200 OK

0 B

URL POST
www.financescam.com/cdn-cgi/challenge-platform/h/g/jsd/r/0.2511082795259449:1747246308:ze5-55mybJn2ZFSfniEQq6EwaWm-jGBHuPg_jcv2kmo/93fc6b4978d9569a
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/0.2511082795259449:1747246308:ze5-55mybJn2ZFSfniEQq6EwaWm-jGBHuPg_jcv2kmo/93fc6b4978d9569a HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 12090
Origin: https://www.financescam.com
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Cookie: _ga_2XDSQEPGRY=GS2.1.s1747246928$o1$g0$t1747246928$j0$l0$h0; _ga=GA1.1.1545096040.1747246929
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:09 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93fc6b5ac9ea0b3d-OSL
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FH2R%2B3X4kfR8jE79RNJzcVUfGoJUQ7wN0YwE7J4vvDPBZ%2BhNnmlO7U0aJqYtfjUg32mLxHClmMdLjW1Z4DI7cGQxkp6ygyI5QFzveHzcUpaLzEqmkvSPetN%2F9rSvRl9NJm%2Bz4R8%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: cf_clearance=Qew.ZDt00HCNvnToHX6EqbzAwOPcbn7pMx36pO41GXM-1747246929-1.2.1.1-yKRrf5YI4ozWoT_kCe3m4QDyK7C6qs6DHQGuiiYZwRqxUiBcwgAF3C27cV6PTU.ax35hDARh5HmL1VQAbmEbqUPvbofh5gl62uzhUd9AIsVOCGR734bzfDZkcmPiO2yqgFBeuwel_DfXqONaCqXejwegPmqAlP1Oj.mtdNkvLALAoyZceoa.qrhILBhdjJcL2n3IMjMM9k7l7EM.Q22jovOEOsaMR8H.ktltucpDJ32PFPnIkXiQ0pVt0.uyINZHrXpS6xB_H16DkUW43rLylTSzYpvkM7G5sZKJp25fhZyP3CC9woYHj86YStyPq0Lny2Iwg6MLrURyobANHx9YNW6vq9msV1h3V6bKkLN9EhE; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=financescam.com; Expires=Thu, 14 May 2026 18:22:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1441&min_rtt=593&rtt_var=714&sent=832&recv=154&lost=0&retrans=1&sent_bytes=860120&recv_bytes=38577&delivery_rate=2059484&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=2379&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css?ver=3.28.4

104.26.9.7

200 OK

10 kB

URL GET
www.financescam.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css?ver=3.28.4
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text, with very long lines (10270)
Size
10 kB (10310 bytes)
Hash
4597d97f99381790e31f3ef914481a31
d2d2b2e015b1f558b1bd83c538164497fd205055
e1c8447652b6dfe41ed260c90e961a34d6fd86d539fbf3d336aea773224ffdd3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css?ver=3.28.4 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d2d590b3d-OSL
last-modified: Wed, 23 Apr 2025 16:18:09 GMT
vary: Accept-Encoding
etag: W/"680912c1-2846"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KY%2F1dzfk2z4xIaH0%2B%2BZu5fQr3i7x85X9w7EIB8x22PKSquaRTu4PxW4bbbz4auU15aRxxOC%2BZK4QOIhKyUvq4tO6bie9b979qxhAi4oPqeF21iD3KaRmPuyjKIkxsn%2BJj19d5aY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1489&min_rtt=807&rtt_var=718&sent=148&recv=73&lost=0&retrans=0&sent_bytes=118321&recv_bytes=18475&delivery_rate=2039344&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=532&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/searchwp-live-ajax-search/assets/styles/frontend/search-forms.css?ver=1.8.5

104.26.9.7

200 OK

1.9 kB

URL GET
www.financescam.com/wp-content/plugins/searchwp-live-ajax-search/assets/styles/frontend/search-forms.css?ver=1.8.5
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text, with very long lines (776)
Size
1.9 kB (1900 bytes)
Hash
7e32d93fb1da9c85d62017a87a45e462
7348b5f134279978dfcbde14aa89cd24cbfd4795
4370ad8851d4b992951e64dc63144da55a0a8f925733ec6bbfd2c3fdfc8697c0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/searchwp-live-ajax-search/assets/styles/frontend/search-forms.css?ver=1.8.5 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d3d7b0b3d-OSL
last-modified: Tue, 25 Feb 2025 22:58:43 GMT
vary: Accept-Encoding
etag: W/"67be4b23-76c"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GkhTwWrWJiyhkts7HFqPfu%2FKH2jIC3I6lIPMw2tRO7nKfOxUMERcyYB6U%2BziUu9HvcuyXwGyy6MvixFTl643pYY%2FxeEeRAIbhe8d7g9ZUDEGrQpaiFHK0GFQsY1%2F5dGFWs8ec4c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1424&min_rtt=807&rtt_var=514&sent=178&recv=75&lost=0&retrans=0&sent_bytes=149146&recv_bytes=18570&delivery_rate=4652285&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=542&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/wpforms/assets/css/frontend/modern/wpforms-full.min.css?ver=1.9.5.2

104.26.9.7

200 OK

162 kB

URL GET
www.financescam.com/wp-content/plugins/wpforms/assets/css/frontend/modern/wpforms-full.min.css?ver=1.9.5.2
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
162 kB (161655 bytes)
Hash
a9c64932620e3f422834dc8a3da8aa41
dd8e38fd603b7cf56b2deae86e79d8954e953d8e
4a5aa2714342647ed08bf450ad059501fb1a462da231b810906a0db798799bae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms/assets/css/frontend/modern/wpforms-full.min.css?ver=1.9.5.2 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4ef8170b3d-OSL
last-modified: Fri, 09 May 2025 09:44:21 GMT
vary: Accept-Encoding
etag: W/"681dce75-27777"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXCdUf1l%2Bk%2Bm%2Bc82dYeV1lxSzkAmLNoz%2BrsEIBuvtrLmqagiVUJglJh7fLNZ3IsKzkMxPLdj67dxR4L4%2F66Fu1qX9BRhLY%2Ba95l8UuZZPzTjXMMoMJOsYyYAe%2FLO%2FnaffgQj0uI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1891&min_rtt=593&rtt_var=677&sent=491&recv=103&lost=0&retrans=1&sent_bytes=495390&recv_bytes=21346&delivery_rate=3322568&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=832&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/themes/financescam/assets/fonts/icons.woff2?ver=2.5.0

104.26.9.7

404 Not Found

180 kB

URL GET
www.financescam.com/wp-content/themes/financescam/assets/fonts/icons.woff2?ver=2.5.0
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8856)
Size
180 kB (180493 bytes)
Hash
a37da1a7dcb9b21b706d6f5347d5f184
d734c0fc7924cf9f41e39c42e713aa2b933d144b
96e2e24d835988506f0299571c378d2eebe3fb0fe85506df5be884282666ea4c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/financescam/assets/fonts/icons.woff2?ver=2.5.0 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.financescam.com/legal/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/html; charset=UTF-8
cf-ray: 93fc6b4d4d940b3d-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cf-edge-cache: cache,platform=wordpress
expires: Wed, 11 Jan 1984 05:00:00 GMT
x-cache: HIT
cache-control: max-age=43200
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DOVwk12z8Io%2FlOHn62saz%2Bz9%2FfaZ0AB5m%2FPfm%2BTdWDwgQwp1sMYDjQxNV1gdlbg5neGTUtd768KBkXolsDx3%2BmRGkO4o3WZRfrMRCbVTLv2HxA%2BDwXXnRweL5HKetZmirWajBzQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1970&min_rtt=1144&rtt_var=1088&sent=74&recv=40&lost=0&retrans=0&sent_bytes=56597&recv_bytes=10493&delivery_rate=17231046&cwnd=24000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=368&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/uploads/2024/05/Asset-3-8.png

104.26.9.7

200 OK

9.9 kB

URL GET
www.financescam.com/wp-content/uploads/2024/05/Asset-3-8.png
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.9 kB (9926 bytes)
Hash
45826429c8d15bbc6a8d600c3bfc4dfe
fb8911fbbe42db821faa644f21b8890d12bcfa5f
56de24f6db7c8bec23268b0d6fde36ab6267cf8114bca2905a8a4f4f1a0dea47

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/05/Asset-3-8.png HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: image/webp
content-length: 9926
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4ef8130b3d-OSL
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=15697
content-disposition: inline; filename="Asset-3-8.webp"
vary: Accept
etag: "677bd24d-3d51"
last-modified: Mon, 06 Jan 2025 12:53:33 GMT
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LxYEnP7UgUDS6HeIV6bNXeUJzptm9fZrkFe9zmeAH1B88s3Z5gonm7JyQCzZ9xcaQWBSclYufUMfYZqyiAgjgX3pP5YyQUquklJkdAwCRCXvfPgs6gzeK3aSqpHejeBwkYr5ZjA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1797&min_rtt=593&rtt_var=652&sent=479&recv=98&lost=0&retrans=1&sent_bytes=484356&recv_bytes=19681&delivery_rate=6259776&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=810&x=1", cfExtPri, cfHdrFlush;dur=0

owlcarousel2.github.io/OwlCarousel2/assets/vendors/jquery.min.js

185.199.108.153

200 OK

87 kB

URL GET
owlcarousel2.github.io/OwlCarousel2/assets/vendors/jquery.min.js
IP
185.199.108.153:443
ASN
#54113 FASTLY

Requested by
https://www.financescam.com/legal/
Certificate
IssuerSectigo Limited
Subject*.github.io
Fingerprint8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91
ValidityFri, 07 Mar 2025 00:00:00 GMT - Sat, 07 Mar 2026 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
87 kB (86927 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /OwlCarousel2/assets/vendors/jquery.min.js HTTP/1.1
Host: owlcarousel2.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
access-control-allow-origin: *
etag: W/"5ad9e9ac-1538f"
expires: Tue, 22 Apr 2025 03:04:30 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 89D8:2A6F0F:59BA1B:5A5EA9:680704E6
accept-ranges: bytes
date: Wed, 14 May 2025 18:22:07 GMT
via: 1.1 varnish
age: 452
x-served-by: cache-hel1410024-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1747246927.252297,VS0,VE3
vary: Accept-Encoding
x-fastly-request-id: 61497fe96ede9266026ead3cdbcc7ad6eeb75c35
content-length: 30544
X-Firefox-Spdy: h2

www.financescam.com/wp-content/uploads/2024/05/cropped-Asset-7-8-1-192x192.png

104.26.9.7

200 OK

5.2 kB

URL GET
www.financescam.com/wp-content/uploads/2024/05/cropped-Asset-7-8-1-192x192.png
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
5.2 kB (5189 bytes)
Hash
9f074ba53a29e5ae6aa2a7c835ab4f5c
8a56652ebc093f2f8870f662cfa5e8b5d1aadfa4
17d39013595a1bc729164b1aaa45d07c639c988acfeb1e8d6d6139d6c6dc2866

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/05/cropped-Asset-7-8-1-192x192.png HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Cookie: _ga_2XDSQEPGRY=GS2.1.s1747246928$o1$g0$t1747246928$j0$l0$h0; _ga=GA1.1.1545096040.1747246929
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:09 GMT
content-type: image/png
content-length: 5189
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b59881c0b3d-OSL
last-modified: Mon, 06 Jan 2025 12:49:44 GMT
etag: "677bd168-1445"
cache-control: public, max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F1KcnnALCthTaOuzEJDCeWLK5tA7jlzUBtPa9KsHBOAK6jBv5%2FNy%2BhoZU9jMOTeuwDCDwJ1l6q%2F%2Fjt3zqkVtQRPaj6RUpWNWeZ7YeRYGK6oiiWVigihouJGJYTJapy%2FbmYu7ZZI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1390&min_rtt=593&rtt_var=636&sent=833&recv=155&lost=0&retrans=1&sent_bytes=861196&recv_bytes=38622&delivery_rate=29330&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=2501&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/elementor/assets/js/text-editor.c084ef86600b6f11690d.bundle.min.js

104.26.9.7

200 OK

1.4 kB

URL GET
www.financescam.com/wp-content/plugins/elementor/assets/js/text-editor.c084ef86600b6f11690d.bundle.min.js
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (1354)
Size
1.4 kB (1394 bytes)
Hash
fbb46d042cbaa297715281b405d27de6
70af55fa0359c6711e1ea78fa175ea13814eab5e
6d80dffc8d3a897c2eb4e7bc77b8906c9ad45a7484b6a962173959c9f72d8fbf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/text-editor.c084ef86600b6f11690d.bundle.min.js HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Cookie: _ga_2XDSQEPGRY=GS2.1.s1747246928$o1$g0$t1747246928$j0$l0$h0; _ga=GA1.1.1545096040.1747246929; cf_clearance=Qew.ZDt00HCNvnToHX6EqbzAwOPcbn7pMx36pO41GXM-1747246929-1.2.1.1-yKRrf5YI4ozWoT_kCe3m4QDyK7C6qs6DHQGuiiYZwRqxUiBcwgAF3C27cV6PTU.ax35hDARh5HmL1VQAbmEbqUPvbofh5gl62uzhUd9AIsVOCGR734bzfDZkcmPiO2yqgFBeuwel_DfXqONaCqXejwegPmqAlP1Oj.mtdNkvLALAoyZceoa.qrhILBhdjJcL2n3IMjMM9k7l7EM.Q22jovOEOsaMR8H.ktltucpDJ32PFPnIkXiQ0pVt0.uyINZHrXpS6xB_H16DkUW43rLylTSzYpvkM7G5sZKJp25fhZyP3CC9woYHj86YStyPq0Lny2Iwg6MLrURyobANHx9YNW6vq9msV1h3V6bKkLN9EhE; personalize_sync=yes; RBUUID=afunu3j; _wpfuuid=c77c0e81-495a-4542-8d34-d088f736c602
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:09 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b5beba00b3d-OSL
last-modified: Wed, 23 Apr 2025 16:18:09 GMT
vary: Accept-Encoding
etag: W/"680912c1-572"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cApMWvh4Ymt6zBW2beTcdZrFSIm1i19KvJqdVBD03V9DVqHlUKsbqsC5SJCqIuKI0yiLveykdo8JiG4j88B0M7a%2Fz4l%2BW2uMTbx76sAMBeCMi9x8SrI2FwoPwzFdGs3a2Lag7o4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1356&min_rtt=593&rtt_var=534&sent=848&recv=162&lost=0&retrans=1&sent_bytes=871463&recv_bytes=42520&delivery_rate=20904&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=2880&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/uploads/elementor/css/post-90133.css?ver=1747174330

104.26.9.7

200 OK

13 kB

URL GET
www.financescam.com/wp-content/uploads/elementor/css/post-90133.css?ver=1747174330
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text, with very long lines (10388)
Size
13 kB (13234 bytes)
Hash
5a08df1f1febab2f55c662bca5237978
bdcac2d4e144b301741504adc15e52153668631c
279f79f2a0c58101372f0565e302a98913a59af3dc63ac724a9bbd24c58b41e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-90133.css?ver=1747174330 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d2d6a0b3d-OSL
last-modified: Tue, 13 May 2025 22:12:10 GMT
vary: Accept-Encoding
etag: W/"6823c3ba-33b2"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uje8vg0nieiCON%2BaiucgX1KjaUH3Sp7OTQqJa0pJIvTROxr0WkZ53YBscZN5R7qeTy12kHbQDisCXaIkbyDdBnoCg%2BDyYOMJTt%2FNhbMLhC4xEk1bZDTFulXGI8UaJmS3HOmmz%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3452&min_rtt=2642&rtt_var=1113&sent=26&recv=31&lost=0&retrans=0&sent_bytes=6652&recv_bytes=10097&delivery_rate=7426&cwnd=12000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=318&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/uploads/elementor/css/post-1954.css?ver=1747174333

104.26.9.7

200 OK

9.3 kB

URL GET
www.financescam.com/wp-content/uploads/elementor/css/post-1954.css?ver=1747174333
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text, with very long lines (9261)
Size
9.3 kB (9300 bytes)
Hash
2fbc185ce59d7e9ed6b50bb7324a63b8
3ac49001468dffa907f8ac76cfb0298639c698ea
d724738e72c8898bc667c7e9ad8c056ae0f2c25d18703f6b83d44971a3164354

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-1954.css?ver=1747174333 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d3d830b3d-OSL
last-modified: Tue, 13 May 2025 22:12:13 GMT
vary: Accept-Encoding
etag: W/"6823c3bd-2454"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWOSErQtO3xsNyD%2BOJjEMyuAGGTAzx0DorkgOZ0gme%2BXhL8hb%2FH281paQgsCU4uU%2BzCpTTGWk9yA%2BWWEegxYlI3joAv1OlG2E7x0MyyUx0BA09ZE0bWxkTmWm8K9JO9LQHIHTEw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3242&min_rtt=1769&rtt_var=1255&sent=29&recv=32&lost=0&retrans=0&sent_bytes=9298&recv_bytes=10140&delivery_rate=1495354&cwnd=12000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=326&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

104.26.9.7

200 OK

14 kB

URL GET
www.financescam.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
14 kB (13577 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d3d8f0b3d-OSL
last-modified: Mon, 06 Jan 2025 12:56:54 GMT
vary: Accept-Encoding
etag: W/"677bd316-3509"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T31vvKzJnbIgd0UraLHCMYNZ2YaWVNdLweBoWf0YqvGWhI5%2F%2FzfwKlFdnAGF1aemDRAHcK3XGBkcZPXfBI2xwy62T4ExWzc16zp5qToA0nzO%2BG5lL8hF8MCvRO%2BI%2F5Ub6ouF9Gg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2435&min_rtt=1144&rtt_var=1433&sent=39&recv=36&lost=0&retrans=0&sent_bytes=17496&recv_bytes=10312&delivery_rate=1098315&cwnd=12000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=340&x=1", cfExtPri, cfHdrFlush;dur=0

cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

104.16.175.226

200 OK

156 kB

URL GET
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
IP
104.16.175.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
156 kB (155845 bytes)
Hash
abe91756d18b7cd60871a2f47c1e8192
7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

HTTP Headers

GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 14 May 2025 18:22:06 GMT
content-type: text/css; charset=utf-8
content-length: 20016
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: br
x-served-by: cache-fra-eddf8230173-FRA, cache-lga21976-LGA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 141254
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r4iuFyJsUaDdXddeEsJx%2Fju38TqeGbQZWCv2GGdJKBD0ozTSJzg%2FkdmwkUpaFrnMIxO5AsZz7KKXuihU0yvia2wguzumkk9DzzBY4oLlCvGshMRuiVBpGng%2FLN%2Fag2SUEkc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93fc6b4d5d13b503-OSL
X-Firefox-Spdy: h2

www.financescam.com/wp-content/uploads/2022/07/brokercomplaintsdark.png

104.26.9.7

200 OK

4.6 kB

URL GET
www.financescam.com/wp-content/uploads/2022/07/brokercomplaintsdark.png
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.6 kB (4574 bytes)
Hash
902c1d12b699651bec03bf35dc7ba761
a4f781dcc50e1fd795b8c07df9cf21c6dfb47bcf
6733bc27f3024e7ed8c0a1a704a680b36660fc3b924ed99f3cf3b373791ba3a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/07/brokercomplaintsdark.png HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: image/webp
content-length: 4574
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d5dc00b3d-OSL
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=9574
content-disposition: inline; filename="brokercomplaintsdark.webp"
vary: Accept
etag: "67a46839-2566"
last-modified: Thu, 06 Feb 2025 07:43:53 GMT
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ygYgMxMeVShy5A0QIX373p8mnosa1GnYAXj3D3k26dF9C%2FWqZfcSxRep3uA1AioZgzHVc6X75mZCo1q7416PrIQJjbSy1AQvgXq5c6tmI%2Fk8OaVb7xXgUnWitIkEMlPtAirpojE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1291&min_rtt=807&rtt_var=354&sent=196&recv=79&lost=0&retrans=0&sent_bytes=164120&recv_bytes=18763&delivery_rate=787956&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=566&x=1", cfExtPri, cfHdrFlush;dur=0

challenges.cloudflare.com/turnstile/v0/api.js?onload=wpformsRecaptchaLoad&render=explicit

104.18.95.41

302 Found

48 kB

URL GET
challenges.cloudflare.com/turnstile/v0/api.js?onload=wpformsRecaptchaLoad&render=explicit
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type

Size
48 kB (48200 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?onload=wpformsRecaptchaLoad&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 14 May 2025 18:22:07 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/6fab0cec561d/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 93fc6b4f495a5696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.financescam.com/wp-content/uploads/2024/05/Asset-4-8-1-1024x109.png

104.26.9.7

200 OK

11 kB

URL GET
www.financescam.com/wp-content/uploads/2024/05/Asset-4-8-1-1024x109.png
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
RIFF (little-endian) data, Web/P image
Size
11 kB (10796 bytes)
Hash
db38ea745a8e891ec63fd81c28ef2888
2df90efa27bf92c0670a1c0320b4cd4233d07063
482c53a779e078a0c8b9a96b7d36b82e0052484bcebf0c19dda89b0ed5b86da3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/05/Asset-4-8-1-1024x109.png HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: image/webp
content-length: 10796
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b51ecb50b3d-OSL
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=20669
content-disposition: inline; filename="Asset-4-8-1-1024x109.webp"
vary: Accept
etag: "677bd1f4-50bd"
last-modified: Mon, 06 Jan 2025 12:52:04 GMT
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=84h877q9apqvSiDhbw6wslu%2Fx%2BCnjYYIS7ZLngmnonP6O%2BfxDCXOzSnZOtmvMBsj1forYc2lsw4xz2msePNkABrp%2FFh6hyMtCuvExXLbBdfpWmlp8hgRg%2B2arlqt3IgEJl5nLcI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1658&min_rtt=593&rtt_var=434&sent=645&recv=120&lost=0&retrans=1&sent_bytes=664016&recv_bytes=22762&delivery_rate=9430121&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=1087&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/themes/financescam/js/custom.js?ver=1.0

104.26.9.7

404 Not Found

180 kB

URL GET
www.financescam.com/wp-content/themes/financescam/js/custom.js?ver=1.0
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8856)
Size
180 kB (180104 bytes)
Hash
50f8f9c35a581ee5b12ca9fcaccf6878
b1967ef8285765e011b517aca4f240b387895c76
e1f7993b4fb404e43f4121bb28a6e9ebbe361919bd8e73f976e9f65824a9adb0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/financescam/js/custom.js?ver=1.0 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 14 May 2025 18:22:08 GMT
content-type: text/html; charset=UTF-8
cf-ray: 93fc6b52ddea0b3d-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cf-edge-cache: cache,platform=wordpress
expires: Wed, 11 Jan 1984 05:00:00 GMT
x-cache: HIT
cache-control: max-age=43200
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6rp8LjOdsn5pDJ%2B0nmYFhxXhMsFV%2BQVZVU%2BlG%2FyW%2FZoa5B%2BhDiioZZKMtAYLYDhqu700i9fuRdZUJkxLExDRfgV%2FAUncUrlKpFpRzLtPpQfj1Mfo0dWfyWhcULukffBrA3iOWVQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1970&min_rtt=593&rtt_var=1468&sent=765&recv=132&lost=0&retrans=1&sent_bytes=795856&recv_bytes=23552&delivery_rate=1506&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=1474&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.26.9.7

302 Found

8.4 kB

URL GET
www.financescam.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type

Size
8.4 kB (8371 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _ga_2XDSQEPGRY=GS2.1.s1747246928$o1$g0$t1747246928$j0$l0$h0; _ga=GA1.1.1545096040.1747246929
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Wed, 14 May 2025 18:22:08 GMT
content-length: 0
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b5988330b3d-OSL
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gddhhy33%2BLXDC9Ljr7%2FCmNshn8X%2BmwUmSbHAYAY4fWhw%2BG%2FzfAYhVGbjUwVnH1q4Hc1X01MXrNV57M9y6I19eL28q2MMlVCwAOqCJz4d1vZ03gxncSH0EsfFWiEj%2FNKlaH2VqSI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1582&min_rtt=593&rtt_var=857&sent=823&recv=141&lost=0&retrans=1&sent_bytes=854586&recv_bytes=25190&delivery_rate=6794035&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=2175&x=1", cfExtPri, cfHdrFlush;dur=0

cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css?ver=2.3.4

104.17.25.14

200 OK

3.4 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css?ver=2.3.4
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
ASCII text, with very long lines (3184)
Size
3.4 kB (3351 bytes)
Hash
b2752a850d44f50036628eeaef3bfcfa
fba46353cf90450ef3d362a123f1e7af3e8c561e
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

HTTP Headers

GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css?ver=2.3.4 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 14 May 2025 18:22:06 GMT
content-type: text/css; charset=utf-8
content-length: 845
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 93fc6b4d3d770b3d-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-d17"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 53860
expires: Mon, 04 May 2026 18:22:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TIS6ApNZq0jHobY9HmntVaMTtZk7v2nVjAMJxx38IpnEXrSgo6wUEBVK8usq9C3ZmaUSIEX3HGqgvlyKS5DdUnEsBbs37FmavV5djXpZ5RSBzPGOtO%2BysKYCncbxOiul0aITunUm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.financescam.com/wp-content/plugins/wpforms/assets/pro/css/frontend/modern/wpforms-full.min.css?ver=1.9.5.2

104.26.9.7

200 OK

56 kB

URL GET
www.financescam.com/wp-content/plugins/wpforms/assets/pro/css/frontend/modern/wpforms-full.min.css?ver=1.9.5.2
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text, with very long lines (55837), with no line terminators
Size
56 kB (55837 bytes)
Hash
c281e6c584a1235cbeb8fff42fd951c7
b53e5db9b470748664f2bcf53bb3ac89c3b91e43
e285a222b6e12364c5a2d2803952c2c5d3ad423e1ae2b466ad3b6b1a51cb9bb4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms/assets/pro/css/frontend/modern/wpforms-full.min.css?ver=1.9.5.2 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4ef81c0b3d-OSL
last-modified: Fri, 09 May 2025 09:44:22 GMT
vary: Accept-Encoding
etag: W/"681dce76-da1d"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1CXBgPLXgMDqGV5ok1TPT2CrUmib4gxZ8FWyjrBueNqhGEH%2FRcaNtqWxa%2FNsoQj3CyrNWTsjZ29mLmP6BqLsmWLQpcw8ux8rxTDRFIAYYscckLVgeHEbjg3eQsJ0Wef7HUSKPz0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1758&min_rtt=593&rtt_var=480&sent=526&recv=106&lost=0&retrans=1&sent_bytes=533434&recv_bytes=21483&delivery_rate=1514979&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=845&x=1", cfExtPri, cfHdrFlush;dur=0

cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js?ver=5.0.2

104.16.175.226

200 OK

79 kB

URL GET
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js?ver=5.0.2
IP
104.16.175.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
79 kB (78743 bytes)
Hash
0aa8d64e726c4a57adb5c88f9115996b
901169527507ff9e662cf64d8e361f359308970d
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

HTTP Headers

GET /npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js?ver=5.0.2 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 21528
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
content-encoding: br
x-served-by: cache-fra-eddf8230080-FRA, cache-lga21939-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 148593
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U8x4Fu7qNNEcWs6xw3iT3LRjxJlpOhGjLJpiP8WLQ%2FqsEj7iFdAlY41ZEw4NuyCJvhcvp%2FtnJx4vp5If7xzWQQY%2FIkbDeG4GKVarEy91HDdxEyyWvFQeqdT9vpEoT4ah%2B24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93fc6b4f08de5696-OSL
server-timing: cfExtPri

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1

104.18.95.41

200 OK

86 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced
Size
86 B (86 bytes)
Hash
70c202196187ab3c11b4e094c20c6de1
9c52b959e74aee9d79cbc9f35d1f9f65a3b8c863
6255b9231d09ebe6aa1ac19ba46bdd81f3df58989c9ef2e11d6cd6e2e7b21643

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:09 GMT
content-type: image/png
content-length: 86
priority: u=4,i=?0
server: cloudflare
cf-ray: 93fc6b5bdd8b56be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

www.financescam.com/wp-content/uploads/elementor/google-fonts/css/inter.css?ver=1745146315

104.26.9.7

200 OK

50 kB

URL GET
www.financescam.com/wp-content/uploads/elementor/google-fonts/css/inter.css?ver=1745146315
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text
Size
50 kB (50337 bytes)
Hash
6b2ce39aae5b292d81398d9f7c76e1ad
5cb4dc69820085c330fd00822bee4aaae96bed74
def903af09ccb7eb534b49cfeb31cc3bdbb5a2a6c73870ed3b3a64a3ba792083

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/google-fonts/css/inter.css?ver=1745146315 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d3d8b0b3d-OSL
last-modified: Sun, 20 Apr 2025 10:51:55 GMT
vary: Accept-Encoding
etag: W/"6804d1cb-c4a1"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BPMoV8t2moAxkSJumxnCGbtM5PDXRtL8Q7pnpEsUzyHcekjvNPUZglTB3vdCtSxrB%2B01GXn9XCDnpVrL9LzdVOqPsAqFfM21wtXsZBW%2FCFluCeAz50p%2BGidlGeCy8thGvXe%2BYeI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1389&min_rtt=807&rtt_var=456&sent=185&recv=76&lost=0&retrans=0&sent_bytes=154344&recv_bytes=18619&delivery_rate=2514811&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=547&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/uploads/2025/01/joinbacgroundimg.png

104.26.9.7

200 OK

163 kB

URL GET
www.financescam.com/wp-content/uploads/2025/01/joinbacgroundimg.png
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
PNG image data, 3726 x 1088, 8-bit/color RGBA, non-interlaced
Size
163 kB (163402 bytes)
Hash
5c9cee2eba8dcebf792f9b192022ccfc
c089d00b97bbc36ec8a1b8532ebb87582c76c1f5
996760e075706be042c8765a68a58d9717013d40e3523e93e24154167f9811d5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2025/01/joinbacgroundimg.png HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: image/png
content-length: 163402
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d6dcf0b3d-OSL
last-modified: Mon, 06 Jan 2025 12:47:18 GMT
etag: "677bd0d6-27e4a"
cache-control: public, max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5g5lpxuQriBKtphjKo2fcyhSg3%2BC%2BuIZiCPIolCgBx%2FkAetESsD4JFCeS%2F%2FyM1hL7pbPtd5SF3GhG0Jh4nhrArMnq9XyRIaGWrPIimesLwEihkPF6zOyEniGS%2FsD7p3UHI0DiE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1430&min_rtt=593&rtt_var=697&sent=297&recv=89&lost=0&retrans=0&sent_bytes=271951&recv_bytes=19243&delivery_rate=13815261&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=671&x=1", cfExtPri, cfHdrFlush;dur=0

cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js?ver=2.3.4

104.17.25.14

200 OK

44 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js?ver=2.3.4
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (31997)
Size
44 kB (44342 bytes)
Hash
f416f9031fef25ae25ba9756e3eb6978
e2a600e433df72b4cfde93d7880e3114917a3cbe
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

HTTP Headers

GET /ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js?ver=2.3.4 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 10158
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 93fc6b4f09760b65-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-ad36"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 621858
expires: Mon, 04 May 2026 18:22:07 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i7cN7yT17aU24oOnjLivBhBAubI8SApm%2FLlj3ZZ1QbFkc9%2FQG92skJu2QifCzBqxZBOXJK83pPD2eQqvnMVrzFC4HyB%2BsSCyHHFbNIFvi27KSjlDaYBxNx%2ByisuV9GwkJvhZs3yR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

www.financescam.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.28.4

104.26.9.7

200 OK

48 kB

URL GET
www.financescam.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.28.4
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (48352)
Size
48 kB (48393 bytes)
Hash
bb063c394bf9e36adef1c3fb9a0dd089
5646a3b1dd0e5dfda443f42921b777993d6855be
bb6d11f129aed3561eb1863a57c3800ccd631c640bd605c5db00be9aec7e20b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.28.4 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f18410b3d-OSL
last-modified: Wed, 23 Apr 2025 16:18:09 GMT
vary: Accept-Encoding
etag: W/"680912c1-bd09"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9DME1%2BZGvtFE3vaKmVkDxCJwnifR1Kfsp%2FKIQybmJfL68%2BtXknhC07kYUF6NciDGJG9YJj0x5hJy%2FnyIQcUZQ94LtKevzJm3thikMGSkarmhFPUpvQ94qpf8537mSnn38%2FcWcs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1879&min_rtt=807&rtt_var=1320&sent=231&recv=83&lost=0&retrans=0&sent_bytes=199778&recv_bytes=18959&delivery_rate=2940953&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=627&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-includes/js/dist/hooks.min.js?ver=4d63a3d491d11ffd8ac6

104.26.9.7

200 OK

4.8 kB

URL GET
www.financescam.com/wp-includes/js/dist/hooks.min.js?ver=4d63a3d491d11ffd8ac6
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (4741)
Size
4.8 kB (4776 bytes)
Hash
c6fddbb6be69793478de26fc245b2acf
a136ebf5054fdc19729b3592005fe0fefec4bb4c
9a1e0d38b691f1d22a92cff65ec0439b428170ac39a4493c7ecb06d5585f56a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/hooks.min.js?ver=4d63a3d491d11ffd8ac6 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f18430b3d-OSL
last-modified: Mon, 06 Jan 2025 12:56:51 GMT
vary: Accept-Encoding
etag: W/"677bd313-12a8"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e5d1O2lJ0C8mvXFFYROjzJz2g%2BLoFUCUJvn8tRm%2BEBl%2BdBKe4J1Kpm2jUwdavGvU4efqMhYqoTVS%2FpmhX1k8OcII9Im7%2FarofxuYJjHrISB4oKXaewXUkJOEYcFbnHhMYy%2BZKwE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1891&min_rtt=593&rtt_var=677&sent=491&recv=103&lost=0&retrans=1&sent_bytes=495390&recv_bytes=21346&delivery_rate=3322568&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=832&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/legal/

104.26.9.7

200 OK

329 kB

URL User Request GET
www.financescam.com/legal/
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8856)
Size
329 kB (329295 bytes)
Hash
fe17c0540a986c2685e078952c8dcc12
272ccda957267435a7eabe3a13b41b1df0059705
a7c3eb619d088a9ba55fe5e287e9e80972d2521434f05bfbd5e64c63b420d83b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /legal/ HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 14 May 2025 18:22:06 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
content-encoding: br
cf-ray: 93fc6b4978d9569a-OSL
cf-cache-status: BYPASS
age: 3154
cache-control: max-age=0, s-maxage=2592000
expires: Wed, 14 May 2025 17:29:31 GMT
vary: Accept-Encoding, Accept-Encoding
cf-apo-via: origin,no-cache
cf-edge-cache: cache,platform=wordpress
x-cache: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rB7S9tKcDsqLassFy6NovBzIeRH14ZXKo%2B%2FCG%2Fwh4kkG376TN52LmCJ3l%2B6%2FAGJ2yhlAj6hsaYowqJTuD%2FwSvnkRImpdfudoDDwkGeyWVCDb6stmFx3J9L973mMDNiRnDl8%2Fapk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="BYPASS", cfL4;desc="?proto=TCP&rtt=5814&min_rtt=447&rtt_var=10753&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3210&recv_bytes=1132&delivery_rate=8074349&cwnd=254&unsent_bytes=0&cid=2c079c710bc5f022&ts=426&x=0"
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css?ver=5.0.2

104.16.175.226

200 OK

156 kB

URL GET
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css?ver=5.0.2
IP
104.16.175.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
156 kB (155845 bytes)
Hash
abe91756d18b7cd60871a2f47c1e8192
7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

HTTP Headers

GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css?ver=5.0.2 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 14 May 2025 18:22:06 GMT
content-type: text/css; charset=utf-8
content-length: 20016
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: br
x-served-by: cache-fra-eddf8230173-FRA, cache-lga21976-LGA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 141254
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0qRllFIDHCO%2F5%2BwJPyRhmlGQaWtocq%2BfOpvrQvnrsl4hOewCbBcFHqxBolqjmu4WmXSxuslS2hUusJq7FSYc9SxEN491YrEzEzuhiRqEZmSXj4ssjhBEqY1LatZFGyCYHeA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93fc6b4d4d05b503-OSL
X-Firefox-Spdy: h2

www.financescam.com/wp-content/uploads/elementor/google-fonts/css/roboto.css?ver=1745146308

104.26.9.7

200 OK

108 kB

URL GET
www.financescam.com/wp-content/uploads/elementor/google-fonts/css/roboto.css?ver=1745146308
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text, with very long lines (1572)
Size
108 kB (108054 bytes)
Hash
61d17ffd8d5e4a9beccc7053bb89e436
152eb5492bf5d0b243d94db3279fa9683594eef9
26dbeea4f4cc3fbc1b15230a29a0f5eb2bf5b33a2d94cd245d5f6b1c5b4c5c75

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/google-fonts/css/roboto.css?ver=1745146308 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d3d870b3d-OSL
last-modified: Sun, 20 Apr 2025 10:51:49 GMT
vary: Accept-Encoding
etag: W/"6804d1c5-1a616"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AB%2FyDBdz4MQDoCagF3lkMHqbbovvqWDOho%2Fa%2BXs8CtqpwHUTS3LBw%2B6jJBgnae2hjDA%2FkuhK%2BG23WKSRiTm294IgjKnIc4i70FscKHERKxlTzThH99mRIVmDNuxJkpB7lbLridQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1424&min_rtt=807&rtt_var=514&sent=181&recv=75&lost=0&retrans=0&sent_bytes=150662&recv_bytes=18570&delivery_rate=4652285&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=542&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/?local_ga_js=c9fd04eb2fd7ed74b790f562023b0c5b

104.26.9.7

200 OK

179 kB

URL GET
www.financescam.com/?local_ga_js=c9fd04eb2fd7ed74b790f562023b0c5b
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (1801)
Size
179 kB (178744 bytes)
Hash
f2785a3a83c4d849b590d57cbd81b54c
fe751e9af8bab223272979ec46e3a851ce8bb2e2
c08690f8a0b04ff72737a9c7ffec270d00e9f243b6a87bc5875c2d257e65dbd1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?local_ga_js=c9fd04eb2fd7ed74b790f562023b0c5b HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
content-length: 66459
speculation-rules: "/cdn-cgi/speculation"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93fc6b4d4d970b3d-OSL
cf-cache-status: BYPASS
accept-ranges: bytes
age: 3644
cache-control: max-age=604800, public, max-age=2592000, s-maxage=2592000
content-encoding: gzip
expires: Fri, 13 Jun 2025 17:21:22 GMT
vary: Accept-Encoding
cf-apo-via: origin,no-cache
cf-edge-cache: cache,platform=wordpress
x-cache: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uffymln0r4sj%2BaQRuqUnU1Q8jIMHcJP3I4ZvR5FSv7eoxwta8inKKJZl8Vwe2LGTMooB1ggOw1bxlKtYQpgHzlwsPDVRYAoFMEOSorFLuq0y388r6EWJdCwkjyi3nBXWrvQ%2F4Ds%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1440&min_rtt=593&rtt_var=904&sent=275&recv=88&lost=0&retrans=0&sent_bytes=245945&recv_bytes=19195&delivery_rate=9473721&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=666&x=1", cfExtPri, cfHdrFlush;dur=0

fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

142.250.74.10

200 OK

4.8 kB

URL GET
fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
ASCII text
Size
4.8 kB (4792 bytes)
Hash
d6044b2435d928dcdadfc771c512e628
f080eeacb7bdc06d1bdf2c2cf2782a343adb7696
d4b0f12567698361ad53077547d77d05e83b5ed6e772423fb2817b6d1e785427

HTTP Headers

GET /css2?family=Poppins:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 May 2025 18:22:07 GMT
date: Wed, 14 May 2025 18:22:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/swiper@10/swiper-bundle.min.css

104.16.175.226

200 OK

18 kB

URL GET
cdn.jsdelivr.net/npm/swiper@10/swiper-bundle.min.css
IP
104.16.175.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
ASCII text, with very long lines (18192)
Size
18 kB (18451 bytes)
Hash
eb21d0f0053cd0b33a1e2107e95156d2
715460aed84071944bc26b7cb1e565f3ed107221
79a42e24b867ff52d9e4d766b96d8882c83f18e7442408a41c4b09a043dffccb

HTTP Headers

GET /npm/swiper@10/swiper-bundle.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 14 May 2025 18:22:06 GMT
content-type: text/css; charset=utf-8
content-length: 5121
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 10.3.1
x-jsd-version-type: version
etag: W/"4813-cVRgrthAcZRLwmt8seVl8+0QciE"
content-encoding: br
x-served-by: cache-fra-eddf8230084-FRA, cache-lga21964-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 18394
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2EWgU0QYcjw%2F89SklOSqSqAoj0VFmV3Hk4CQvFSRCePP0AlcwOGesg5LvmeLI50CuN%2BJVNsAVtadhJuqZtr0zs3UWOOYKPu5Mua5c%2FlLPb1%2FfjUzAdrpAP2yyVRaO4t3NKk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93fc6b4d5d1bb503-OSL
X-Firefox-Spdy: h2

challenges.cloudflare.com/turnstile/v0/g/6fab0cec561d/api.js

104.18.95.41

200 OK

48 kB

URL GET
challenges.cloudflare.com/turnstile/v0/g/6fab0cec561d/api.js
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
JavaScript source, ASCII text, with very long lines (48199)
Size
48 kB (48200 bytes)
Hash
3946a8b345d6020f3f424ae5f37e818f
27267dd319814b647f04bfe0ae09e1ca51ddc896
a7fdcf655a6349724c367f366c852b2e0309e9ad7a25b376df82a48e1dd98482

HTTP Headers

GET /turnstile/v0/g/6fab0cec561d/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.financescam.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 12 May 2025 13:39:20 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
priority: u=3,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 93fc6b52299956be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

www.financescam.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.a23fbd67486c5bedf26c.bundle.min.js

104.26.9.7

200 OK

5.3 kB

URL GET
www.financescam.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.a23fbd67486c5bedf26c.bundle.min.js
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (5238)
Size
5.3 kB (5282 bytes)
Hash
478fc25b9637d1406c639dde4dffff29
ae3211fbb7d4ae5de7769e970da8ea314fad6618
54364b2c25e5f5e592b8b6184c749f085f024d96ae27f1cdad3472060c32c307

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.a23fbd67486c5bedf26c.bundle.min.js HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Cookie: _ga_2XDSQEPGRY=GS2.1.s1747246928$o1$g0$t1747246928$j0$l0$h0; _ga=GA1.1.1545096040.1747246929; cf_clearance=Qew.ZDt00HCNvnToHX6EqbzAwOPcbn7pMx36pO41GXM-1747246929-1.2.1.1-yKRrf5YI4ozWoT_kCe3m4QDyK7C6qs6DHQGuiiYZwRqxUiBcwgAF3C27cV6PTU.ax35hDARh5HmL1VQAbmEbqUPvbofh5gl62uzhUd9AIsVOCGR734bzfDZkcmPiO2yqgFBeuwel_DfXqONaCqXejwegPmqAlP1Oj.mtdNkvLALAoyZceoa.qrhILBhdjJcL2n3IMjMM9k7l7EM.Q22jovOEOsaMR8H.ktltucpDJ32PFPnIkXiQ0pVt0.uyINZHrXpS6xB_H16DkUW43rLylTSzYpvkM7G5sZKJp25fhZyP3CC9woYHj86YStyPq0Lny2Iwg6MLrURyobANHx9YNW6vq9msV1h3V6bKkLN9EhE; personalize_sync=yes; RBUUID=afunu3j; _wpfuuid=c77c0e81-495a-4542-8d34-d088f736c602
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:09 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b5bdb720b3d-OSL
last-modified: Tue, 06 May 2025 14:59:56 GMT
vary: Accept-Encoding
etag: W/"681a23ec-14a2"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hjwc7t2PDxqdf7%2FBCt7FYmftqJyjDywrwX%2FCzLnVk0WTaXUSxmSDyS3Isy5aYtcZEp%2FWzQtaMYLXuqdti8Bk0zMH0C9IRjbyIoIUKRRt0EUXgijSFMdyM%2BSJY1saYzhOIolM%2Buo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1375&min_rtt=593&rtt_var=660&sent=845&recv=161&lost=0&retrans=1&sent_bytes=868795&recv_bytes=42476&delivery_rate=6083&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=2670&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/themes/financescam/assets/styles.css?ver=2.6.8

104.26.9.7

200 OK

138 kB

URL GET
www.financescam.com/wp-content/themes/financescam/assets/styles.css?ver=2.6.8
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text
Size
138 kB (137815 bytes)
Hash
68cb8642af5c8a0004440b80ddea2064
d67271545e4b4781c3b1c8a4add9c2034a252d72
1f2e45a171a7850d35002dca33c5ba30e0a267c6467aaf45a0db376a6fe93780

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/financescam/assets/styles.css?ver=2.6.8 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d0d290b3d-OSL
last-modified: Mon, 12 May 2025 07:26:26 GMT
vary: Accept-Encoding
etag: W/"6821a2a2-21a57"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DNtbGFIo4X%2FqHKhPuMXn1dkgsWp3%2Fc1VbEmIgzQFBPVYzjurr8B0XZQqevEKgJspTAekKXcATcyHpzxB9NBSfNucX%2F2d1XHQlt0LyA6kqid255D6RwJtNdgAR4iftCKzFMt1w1k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1451&min_rtt=807&rtt_var=614&sent=155&recv=74&lost=0&retrans=0&sent_bytes=123340&recv_bytes=18521&delivery_rate=1110438&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=538&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css?ver=3.28.4

104.26.9.7

200 OK

27 kB

URL GET
www.financescam.com/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css?ver=3.28.4
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
Unicode text, UTF-8 text, with very long lines (26846)
Size
27 kB (26891 bytes)
Hash
a30520214e5708450524fbcc32a1128c
17b0e55fed73e0fb98501c0e951d6abcf8607cb7
0d5deb1a7750a66615f4d484e7309e808bd5b3d8ff22a421db40857f392719e8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css?ver=3.28.4 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d1d4c0b3d-OSL
last-modified: Tue, 06 May 2025 14:59:56 GMT
vary: Accept-Encoding
etag: W/"681a23ec-690b"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=upJ9n4RAWfzMsG8Wzpx2xI0WJC6oT82Kz9lyDOdnSW%2BGazlPFV0fimcoDv8PsrFvIat7my7MdvHXj2W%2BlfICDp4Ar3dKVBU%2ByekZRxW9imVkFK4iObOkeUB0iGhpWVjqRjs9sXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1568&min_rtt=807&rtt_var=747&sent=144&recv=72&lost=0&retrans=0&sent_bytes=114152&recv_bytes=18429&delivery_rate=1422597&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=525&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/breeze/assets/js/js-front-end/breeze-prefetch-links.min.js?ver=2.2.10

104.26.9.7

200 OK

1.4 kB

URL GET
www.financescam.com/wp-content/plugins/breeze/assets/js/js-front-end/breeze-prefetch-links.min.js?ver=2.2.10
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (1312)
Size
1.4 kB (1356 bytes)
Hash
c2db6af18130626895809849cec278a9
74a9f7fd35d36105d67290cf31a95cb0507eae37
bade9191996ed64020bc4ef37dba4490653e2bdbeaab88effc080b61735d97ae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/breeze/assets/js/js-front-end/breeze-prefetch-links.min.js?ver=2.2.10 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d3d910b3d-OSL
last-modified: Mon, 05 May 2025 16:48:35 GMT
vary: Accept-Encoding
etag: W/"6818ebe3-54c"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TpYQqtfR3cq7SNGzZoMDUgErpVPqKBWrnyWYt9GxDuyc5k7opzHCutd7WDkwwuU2%2BVJ%2F%2Ffseul%2F4er0wJHDKBqmy5gYIQEJKF%2FU3pt8K6fhPaaILD3EH1p2e7u3xE0KsMkUTkis%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2312&min_rtt=1144&rtt_var=1319&sent=44&recv=37&lost=0&retrans=0&sent_bytes=23203&recv_bytes=10357&delivery_rate=3915082&cwnd=12000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=347&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/wpforms/assets/js/share/utils.min.js?ver=1.9.5.2

104.26.9.7

200 OK

1.5 kB

URL GET
www.financescam.com/wp-content/plugins/wpforms/assets/js/share/utils.min.js?ver=1.9.5.2
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (1500), with no line terminators
Size
1.5 kB (1500 bytes)
Hash
dd247aaff16ce4fa6ccea5df681ae05d
400983f99d86999e827cc2934bb0a9e299c46aca
70a6e1b5aa1b0f0833c120b4dd4d38dd36460fb55d4b1416ea7a0859642cf0be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms/assets/js/share/utils.min.js?ver=1.9.5.2 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f28650b3d-OSL
last-modified: Fri, 09 May 2025 09:44:21 GMT
vary: Accept-Encoding
etag: W/"681dce75-5dc"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o6l4GeFAgZYY5WiZJa2W0tZs29slhRgR6LKP42%2FrbY9q3skrPs1kcC8QqbYQW6dR5%2FueonZr8B1W4s1pA5l0Klt0yjDOeB2FXCI5fwnvuSO3mmwJznLrSHjp6NJQJ2%2Bod9TsXl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2130&min_rtt=593&rtt_var=978&sent=581&recv=110&lost=0&retrans=1&sent_bytes=594429&recv_bytes=21666&delivery_rate=1611165&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=865&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/themes/financescam/assets/sanfranciscoprodisplay/SF-Pro-Display-Light.otf

104.26.9.7

404 Not Found

184 kB

URL GET
www.financescam.com/wp-content/themes/financescam/assets/sanfranciscoprodisplay/SF-Pro-Display-Light.otf
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8856)
Size
184 kB (184179 bytes)
Hash
e16be2346eea7e343d1471084e068d57
3619846aa50c996436a8d9b5adaa7fd41f308647
5cea6322c39140e375f0418f9d1eb21bdb66986a4829326c378f691cd25ddd66

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/financescam/assets/sanfranciscoprodisplay/SF-Pro-Display-Light.otf HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/wp-content/themes/financescam/assets/styles.css?ver=2.6.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/html; charset=UTF-8
cf-ray: 93fc6b51dc950b3d-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cf-edge-cache: cache,platform=wordpress
expires: Wed, 11 Jan 1984 05:00:00 GMT
x-cache: HIT
cache-control: max-age=43200
cf-cache-status: EXPIRED
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F1Z7wlbe%2FnrMP1Fn4VDNu93gsdxzj4T4egGJZ5UX3DvehKnCjCySUXfR1g%2BocKMTqm%2FIE5nnZgUr9LnKd7uLK7%2B2nsHxQg7aifi8G6bEU%2FviQIi9ToqQKHhu76ZyeFEzsPX1N%2BU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1615&min_rtt=593&rtt_var=413&sent=656&recv=122&lost=0&retrans=1&sent_bytes=675908&recv_bytes=23097&delivery_rate=5873314&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=1097&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/themes/financescam/js/loadmore.js

104.26.9.7

404 Not Found

184 kB

URL GET
www.financescam.com/wp-content/themes/financescam/js/loadmore.js
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8856)
Size
184 kB (184179 bytes)
Hash
fc90fcb02bde4d893dba5d722dff6ba6
77c5cb8c3210f3a25fe0686e9f9870737639767c
38e0826027a5aa6009efa9212c28bdf7b03d83df25e065d3857e41ac0e4e9e11

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/financescam/js/loadmore.js HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 14 May 2025 18:22:08 GMT
content-type: text/html; charset=UTF-8
cf-ray: 93fc6b5569bd0b3d-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cf-edge-cache: cache,platform=wordpress
expires: Wed, 11 Jan 1984 05:00:00 GMT
x-cache: HIT
cache-control: max-age=43200
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDcb3etpqCP7Sl596iJSSQHrOnhIeRF0jWWHCV%2Fg4CxJTVAb%2F%2B3X1XtHynGbJVye%2Fd5Va1yC3aN3xx8wzOEToWibXWThnoaetGQ9jUIvV3nw0VQA4toMkmcb31yu2GQ89XDw4NQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1727&min_rtt=593&rtt_var=1026&sent=793&recv=136&lost=0&retrans=1&sent_bytes=824511&recv_bytes=23973&delivery_rate=1257&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=1867&x=1", cfExtPri, cfHdrFlush;dur=0

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=93fc6b5b1c2956be&lang=auto

104.18.95.41

200 OK

114 kB

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=93fc6b5b1c2956be&lang=auto
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
114 kB (113642 bytes)
Hash
cb577a1ac25e29b5da3989427ec7eeb4
8992c27c068e9b0a2457c8255d5e753ef81e9a2a
af11a65b7c892d835a1c101b5cd58673fc8fe7be1c9378e989030a186065c083

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=93fc6b5b1c2956be&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:09 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=3,i=?0
server: cloudflare
cf-ray: 93fc6b5bfdcd56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/151524246:1747243110:1i_nmBIk_XjGZqbN3IZem3REpsI-W05BQMRtE04Duao/93fc6b5b1c2956be/faNrKsibbzTQpT7XFvyr9x7Rink4Q.O.Lp.55gjJOnI-1747246929-1.2.1.1-2QG9DOnF7ufNTiB1GUAJ_XZyIwY2Cr3STj2QblulLfHzTwsZ0JqEivKVouTUZS8K

104.18.95.41

200 OK

6.4 kB

URL POST
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/151524246:1747243110:1i_nmBIk_XjGZqbN3IZem3REpsI-W05BQMRtE04Duao/93fc6b5b1c2956be/faNrKsibbzTQpT7XFvyr9x7Rink4Q.O.Lp.55gjJOnI-1747246929-1.2.1.1-2QG9DOnF7ufNTiB1GUAJ_XZyIwY2Cr3STj2QblulLfHzTwsZ0JqEivKVouTUZS8K
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
ASCII text, with very long lines (6428), with no line terminators
Size
6.4 kB (6428 bytes)
Hash
d951088e797132d0aefd0a2b899e8dc1
5330751041944ec93e339378dda8acf39ca782d4
0f26576539aad8742521777695002ae130a51c425d83bda3f634f2b11555a088

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/151524246:1747243110:1i_nmBIk_XjGZqbN3IZem3REpsI-W05BQMRtE04Duao/93fc6b5b1c2956be/faNrKsibbzTQpT7XFvyr9x7Rink4Q.O.Lp.55gjJOnI-1747246929-1.2.1.1-2QG9DOnF7ufNTiB1GUAJ_XZyIwY2Cr3STj2QblulLfHzTwsZ0JqEivKVouTUZS8K HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/
cf-chl: faNrKsibbzTQpT7XFvyr9x7Rink4Q.O.Lp.55gjJOnI-1747246929-1.2.1.1-2QG9DOnF7ufNTiB1GUAJ_XZyIwY2Cr3STj2QblulLfHzTwsZ0JqEivKVouTUZS8K
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 33785
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:13 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: erXyljKmiUmg74br7Fz8L7mmGK8/nAJ6U3TWU29hXvn2x4qX5Csyw1/3zTRm+hGHJYwmup4yoe3d25nDQ1LD75t3uQSrwX3ISVgpaGmYSkGQu8ch/arcxckjzL5Peb2xDyOB7vr4nTpV7fv4ls8Lmyo/xISOnsLezQPKfbb9QHNCdwCGUZZvXmlSDxuj6AbSMbw480gt4gCA1D2dmpSTCpGltfM8icsBOkMdwUbre/mtSBZ0BsAle/NdtPn2Sw4Eocd72RD4rGxXMsqSYbC6ojJRQH2JSwKvzia1w77vhoDmquhlWaPYnBwIYBoOTApZjHCKKHRM5zn5R34dnbXqu2HHdtyHgG6VfP1N3sKpr5i3ocsjRh7dN2T+08F6f8JedDy9zOJrY+pOUAhuaeE8djz7w6U9FmZPdkvYbD8jWbTk9yHgsrvEEdrKwWxGv5SO9hdZVni9fBU6eGWECkE+zKxd9pUJgYNF0mem/wuRc4TjsQpCfHEyhzLlT+AQo1Ch70KARonjV/leWIbwThNLuKSXyp5NDmO7UNMx4PYtV4zl9f1fUDRq7xlQEUIwb4ytzAqbDQtb+ilZca1y32zJPNfK26fB4tTmG30fQvgKQUoP8daHjTtovoP4VnGZ1t3a$C/ZbU/DIDZrMk+NRSmBmCQ==
cf-chl-out: +w5KTBQPPR7BOdT0pTOGQhrlC0IhKDCLMxHP/ye3eZVvkQak2wQlMJb1BL+CxGgCn3AznapQasSGyHuRJoJPYg==$wX4vs8OOsUlz0ouxVuuXrg==
priority: u=3,i=?0
server: cloudflare
cf-ray: 93fc6b757f8e56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

www.financescam.com/wp-content/plugins/elementor/assets/css/conditionals/apple-webkit.min.css?ver=3.28.4

104.26.9.7

200 OK

7.0 kB

URL GET
www.financescam.com/wp-content/plugins/elementor/assets/css/conditionals/apple-webkit.min.css?ver=3.28.4
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text, with very long lines (7025), with no line terminators
Size
7.0 kB (7025 bytes)
Hash
e9b1e2081a27f02916ca1f02303c6adf
96a85e6703454bb25109acf38dc9756cbfc347f4
02c3b1394964fd713f366fd878ba6c450f8e51618d7d98dcc3ba0b6e94ef3800

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/conditionals/apple-webkit.min.css?ver=3.28.4 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d1d4f0b3d-OSL
last-modified: Wed, 23 Apr 2025 16:18:09 GMT
vary: Accept-Encoding
etag: W/"680912c1-1b71"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PYDdKigFTzhbxGcWlO%2BDrEwPjTMNriJiPHhTRmfZu1ZocyDQMXMJienrBMO7QeFKyvV39XJb1RXvc2HrNyqA1CeqZdZL5wco0jbD2wyDXCuoEQAEnscU0Qy8dpmgj76hB5DvQgI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3573&min_rtt=2653&rtt_var=1652&sent=24&recv=29&lost=0&retrans=0&sent_bytes=5354&recv_bytes=10011&delivery_rate=241899&cwnd=12000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=315&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/uploads/2022/07/complaintbox.png

104.26.9.7

200 OK

3.4 kB

URL GET
www.financescam.com/wp-content/uploads/2022/07/complaintbox.png
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.4 kB (3376 bytes)
Hash
c3738d712a42c65bddb3b1a0a7f35246
ad2e4b93a731c994a5fdb2ed231a959e5f9079a2
61617295394b3a1fdc25181d017b847953205642cc6eb91815fa2b9db5e0600b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/07/complaintbox.png HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: image/webp
content-length: 3376
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d5dbd0b3d-OSL
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=6030
content-disposition: inline; filename="complaintbox.webp"
vary: Accept
etag: "67a46824-178e"
last-modified: Thu, 06 Feb 2025 07:43:32 GMT
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5iiErzuY1BOmp7cS8HrkbuNNOHDFrO82na0tb6TOuEiLrvI%2FJGCCdu4%2BDfNGSLDMUWQ5MI0yZfFcUISAlGpn2fD6b%2Fxl3yCtqtpXe0MkudF8brehYhH3AI2KTDf%2FdiFlWMIcD%2BY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1334&min_rtt=807&rtt_var=356&sent=191&recv=78&lost=0&retrans=0&sent_bytes=159829&recv_bytes=18715&delivery_rate=3416211&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=553&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.28.4

104.26.9.7

200 OK

44 kB

URL GET
www.financescam.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.28.4
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (44203)
Size
44 kB (44243 bytes)
Hash
a8d69da81f6fc6691d1de30ae4cf4a5f
bc595ccd13214fd8acbef1aa5e389dbff1c0acf8
85b6b8c36b34a35aa2c3180baa5f3ad249379206dd297b48c5d249c6a4025206

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.28.4 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f184e0b3d-OSL
last-modified: Wed, 23 Apr 2025 16:18:09 GMT
vary: Accept-Encoding
etag: W/"680912c1-acd3"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ohRnvUue87zb%2FL%2F37MSeeCqQPmi8odtqGGIk3pPSQ8BmUUqHjr6PJm41fxo4sf%2B8EolVbaCzzaslR%2FTTQGmHz6RxKMLA6Pm60p53nNkrDClso%2F9h0DSfs6xPZOOjizlkW0USJ00%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1742&min_rtt=593&rtt_var=392&sent=561&recv=107&lost=0&retrans=1&sent_bytes=571931&recv_bytes=21528&delivery_rate=2789287&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=852&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/cdn-cgi/challenge-platform/h/g/rc/93fc6b5b1c2956be

104.26.9.7

200 OK

0 B

URL POST
www.financescam.com/cdn-cgi/challenge-platform/h/g/rc/93fc6b5b1c2956be
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/93fc6b5b1c2956be HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.financescam.com/legal/
Content-Type: application/json
Content-Length: 1002
Origin: https://www.financescam.com
DNT: 1
Connection: keep-alive
Cookie: _ga_2XDSQEPGRY=GS2.1.s1747246928$o1$g0$t1747246928$j0$l0$h0; _ga=GA1.1.1545096040.1747246929; cf_clearance=Qew.ZDt00HCNvnToHX6EqbzAwOPcbn7pMx36pO41GXM-1747246929-1.2.1.1-yKRrf5YI4ozWoT_kCe3m4QDyK7C6qs6DHQGuiiYZwRqxUiBcwgAF3C27cV6PTU.ax35hDARh5HmL1VQAbmEbqUPvbofh5gl62uzhUd9AIsVOCGR734bzfDZkcmPiO2yqgFBeuwel_DfXqONaCqXejwegPmqAlP1Oj.mtdNkvLALAoyZceoa.qrhILBhdjJcL2n3IMjMM9k7l7EM.Q22jovOEOsaMR8H.ktltucpDJ32PFPnIkXiQ0pVt0.uyINZHrXpS6xB_H16DkUW43rLylTSzYpvkM7G5sZKJp25fhZyP3CC9woYHj86YStyPq0Lny2Iwg6MLrURyobANHx9YNW6vq9msV1h3V6bKkLN9EhE; personalize_sync=yes; RBUUID=afunu3j; _wpfuuid=c77c0e81-495a-4542-8d34-d088f736c602
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:13 GMT
content-length: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 93fc6b76ba2e0b3d-OSL
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=feQUjUP%2BFe5QAsNmTDMrBUs3jXGGzMUY8%2Fzle%2F7LdBAScKucjBJVB2dIOI9tQr3R8WMH%2FmYJTThFv9m%2FwiwHNQLpS0i1HMY%2BGpiSyADxjg7LO7Ts5amo6YVNgDxoDozz8SQQuXI%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: cf_clearance=AVMmsWILeUJK7omlU0LbAShT5irtdm5WhOJRH1FOWm4-1747246933-1.2.1.1-kRoJbTzitPtd5xKHGqSoDt_TB5pUV_Ps3WO8EzzeT9K_CDiiDx1ONEAjVjoLeEjsKnWQwtnq.wSJ8tQGmingdsq2JsfKayYkFRoUDg5sHgqafBqq7y1hpSlvb7PfhnCWNvSQQurrolvQf5.9i2Uz7XWhwH07ALxACW9ixRieSQUhMmx461MS50.rvZAatYUtJU7qG2UIu3b7MNrzae9GZzR97twHsebkVE1Bo3Pks_3Al7dd1cJOnjyaSrfRSpRSrHVF4ajOx7oUJkuwvZQQVRYb35g9XZNuZR86Lmvjs1VfvwwI9zOBdwiRMQ._oWmGC.ZSEbQ00bFctOe78wrF.YSmbMiRVVn94uUh2_TiJlpDTLNedcr8ktx8RlXvk47b; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=financescam.com; Expires=Thu, 14 May 2026 18:22:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1371&min_rtt=593&rtt_var=430&sent=851&recv=165&lost=0&retrans=1&sent_bytes=872917&recv_bytes=44427&delivery_rate=738902&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=6887&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

104.26.9.7

200 OK

88 kB

URL GET
www.financescam.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d3d8e0b3d-OSL
last-modified: Mon, 06 Jan 2025 12:56:52 GMT
vary: Accept-Encoding
etag: W/"677bd314-15601"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LGFb5e%2FVGNDKiid5%2Bo1RYjDjocnT89ZPB16CBooetzW3Rn3OUFxTpINQohUa1qBeD9A23qgTdznNDVe3JgdxzoZxvGaWxllB0QXNshQoMXjDAiJs7Ak7HLb06nD2T4UPGTEty4E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2208&min_rtt=1144&rtt_var=1198&sent=46&recv=38&lost=0&retrans=0&sent_bytes=24672&recv_bytes=10402&delivery_rate=994323&cwnd=12000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=363&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/searchwp-live-ajax-search/assets/javascript/dist/script.min.js?ver=1.8.5

104.26.9.7

200 OK

11 kB

URL GET
www.financescam.com/wp-content/plugins/searchwp-live-ajax-search/assets/javascript/dist/script.min.js?ver=1.8.5
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (11282)
Size
11 kB (11283 bytes)
Hash
dceb8355076abae8fba0e5dbeacc6a3e
ac6856fb30b8a5ebd3b6432784b3a1de5b7a1c95
454025807edaba59732eb9dd3d06dc5a317a0095bfbac14ddd5a28b2b9de8be4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/searchwp-live-ajax-search/assets/javascript/dist/script.min.js?ver=1.8.5 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f08330b3d-OSL
last-modified: Tue, 25 Feb 2025 22:58:43 GMT
vary: Accept-Encoding
etag: W/"67be4b23-2c13"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mCkCNuGyw%2Bp9%2FrC2eQg0Z2UjTjUQeAqWcP3rp3nE9Az%2F3y7%2FAi8FZ%2FFnbl4X3Wp0fazZomNtMu4jxu5iBaQATWw4wDitfosyG5M8qIcGxkmlxaFbBFFO2dOHUd8C4S3u3jMjO8w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2067&min_rtt=807&rtt_var=1774&sent=209&recv=81&lost=0&retrans=0&sent_bytes=178548&recv_bytes=18861&delivery_rate=1019262&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=620&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/cdn-cgi/rum?

104.26.9.7

204 No Content

0 B

URL POST
www.financescam.com/cdn-cgi/rum?
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1338
Origin: https://www.financescam.com
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Cookie: _ga_2XDSQEPGRY=GS2.1.s1747246928$o1$g0$t1747246928$j0$l0$h0; _ga=GA1.1.1545096040.1747246929; cf_clearance=Qew.ZDt00HCNvnToHX6EqbzAwOPcbn7pMx36pO41GXM-1747246929-1.2.1.1-yKRrf5YI4ozWoT_kCe3m4QDyK7C6qs6DHQGuiiYZwRqxUiBcwgAF3C27cV6PTU.ax35hDARh5HmL1VQAbmEbqUPvbofh5gl62uzhUd9AIsVOCGR734bzfDZkcmPiO2yqgFBeuwel_DfXqONaCqXejwegPmqAlP1Oj.mtdNkvLALAoyZceoa.qrhILBhdjJcL2n3IMjMM9k7l7EM.Q22jovOEOsaMR8H.ktltucpDJ32PFPnIkXiQ0pVt0.uyINZHrXpS6xB_H16DkUW43rLylTSzYpvkM7G5sZKJp25fhZyP3CC9woYHj86YStyPq0Lny2Iwg6MLrURyobANHx9YNW6vq9msV1h3V6bKkLN9EhE; personalize_sync=yes; RBUUID=afunu3j; _wpfuuid=c77c0e81-495a-4542-8d34-d088f736c602
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
date: Wed, 14 May 2025 18:22:09 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.financescam.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 93fc6b5bbb440b3d-OSL
x-frame-options: DENY

www.financescam.com/wp-content/plugins/foxiz-core/lib/foxiz-elements/public/style.css?ver=2.0

104.26.9.7

200 OK

20 kB

URL GET
www.financescam.com/wp-content/plugins/foxiz-core/lib/foxiz-elements/public/style.css?ver=2.0
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text
Size
20 kB (20272 bytes)
Hash
411ef84cdbba5285e97b106237c0260c
88677eaf828bdfe3f89258017ef4eb7d6d740d3e
399a5998000796a94cd9ff995ef80b3a2751f41a8ed291e96aa4047050ff751b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/foxiz-core/lib/foxiz-elements/public/style.css?ver=2.0 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d0d270b3d-OSL
last-modified: Thu, 10 Apr 2025 11:35:05 GMT
vary: Accept-Encoding
etag: W/"67f7ace9-4f30"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1FuXQkUG2UuZIH%2FOOZ0M3frdAet%2BX3gfaypN%2Bh%2BqgQgG2ypqMT0qt0MkIaOWFmyO86AinUn44DL9wfWM9mNSBz6eGMgJtwBgiivS4j6jIEtT70K7FY1uE4cVNaJle6o9dLWcHpo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2994&min_rtt=1261&rtt_var=1437&sent=32&recv=33&lost=0&retrans=0&sent_bytes=11565&recv_bytes=10183&delivery_rate=1797688&cwnd=12000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=329&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/elementor/assets/css/widget-social-icons.min.css?ver=3.28.4

104.26.9.7

200 OK

5.2 kB

URL GET
www.financescam.com/wp-content/plugins/elementor/assets/css/widget-social-icons.min.css?ver=3.28.4
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text, with very long lines (5110)
Size
5.2 kB (5150 bytes)
Hash
f695499506b82d525a37e08437e75653
6e94f879b788b80f23ff9b468d1b3647d7287d9c
d5e2a0bb9a2a167c1c24be4521fe936833e4c5011b1a3ea1eb526bb7ea6f7e84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/widget-social-icons.min.css?ver=3.28.4 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d1d4e0b3d-OSL
last-modified: Wed, 23 Apr 2025 16:18:09 GMT
vary: Accept-Encoding
etag: W/"680912c1-141e"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ozba3DIlvWdQjjvEyIYz51XWhZUD54HftElMabQZvoAxXTNrii2eoLnnMW660lzD1zEFgqL7djvIvZrgMeC3YZABoXayTnGRy3k%2FUam5dw3Gfat%2BlHuJg%2Fn5jLw8idmmEvs4D1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1803&min_rtt=807&rtt_var=895&sent=116&recv=69&lost=0&retrans=0&sent_bytes=85769&recv_bytes=18289&delivery_rate=702&cwnd=24000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=518&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/uploads/elementor/css/post-1987.css?ver=1747174332

104.26.9.7

200 OK

28 kB

URL GET
www.financescam.com/wp-content/uploads/elementor/css/post-1987.css?ver=1747174332
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text, with very long lines (24888)
Size
28 kB (28048 bytes)
Hash
953307c4b1146ece03c6a1a33ec12f32
cbf83caa76782edcb1e850be840e1932d69dc8fb
8a7ada0ca7d6f1cb477d3ccf50b94aa531a5d7523ca3c0923ad2a3e43391ab0f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-1987.css?ver=1747174332 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d3d850b3d-OSL
last-modified: Tue, 13 May 2025 22:12:12 GMT
vary: Accept-Encoding
etag: W/"6823c3bc-6d90"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BM1vLbOY5SIQAReFDcO2I7cOQx3%2Bz0u62QUC8nxR%2FdWpX7VJaiu%2B0VIU3MqSAh%2Bk5N5G0HgOEp9NANUeRW84vb%2BFBTD6NEUb0%2FBH3PkCXcP0FxfT5769SY%2BstRXxkc5FLuzV%2BJg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1389&min_rtt=807&rtt_var=456&sent=187&recv=76&lost=0&retrans=0&sent_bytes=156444&recv_bytes=18619&delivery_rate=2514811&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=549&x=1", cfExtPri, cfHdrFlush;dur=0

static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.79.73

200 OK

20 kB

URL GET
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
FingerprintEA:C7:0D:68:3A:45:CB:AD:C5:33:41:B6:DF:F1:60:64:E1:0F:52:6A
ValiditySun, 27 Apr 2025 18:18:02 GMT - Sat, 26 Jul 2025 19:17:55 GMT

File type
JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Size
20 kB (19948 bytes)
Hash
ec18af6d41f6f278b6aed3bdabffa7bc
62c9e2cab76b888829f3c5335e91c320b22329ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.financescam.com
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 93fc6b4f78bf568e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.financescam.com/wp-content/themes/financescam/assets/sanfranciscoprodisplay/SF-Pro-Display-Regular.otf

104.26.9.7

404 Not Found

184 kB

URL GET
www.financescam.com/wp-content/themes/financescam/assets/sanfranciscoprodisplay/SF-Pro-Display-Regular.otf
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8856)
Size
184 kB (184179 bytes)
Hash
94ce36336fc855697b0883a7de462ade
079c4fb96fd3c976c1c3fe0a6d815b92007e03b1
8af1337d6e816501cb1db240bfdcfed5cce422b46f04b234999a9bd4609fd260

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/financescam/assets/sanfranciscoprodisplay/SF-Pro-Display-Regular.otf HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/wp-content/themes/financescam/assets/styles.css?ver=2.6.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/html; charset=UTF-8
cf-ray: 93fc6b511b980b3d-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cf-edge-cache: cache,platform=wordpress
expires: Wed, 11 Jan 1984 05:00:00 GMT
x-cache: HIT
cache-control: max-age=43200
cf-cache-status: EXPIRED
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zde8eUu02pkFQ8Wih0Y%2F0Pb%2F%2BFdSrn1Gjkq%2FJhCQbF1ozYI5GbHH6L40YdC6hgmpwPrur%2BwMyofKza2ie8hka9xg1Z3z%2By%2BSfFhNzF3pM8t2Idu4Z3ohgqEkqdg5n4gAVV2okIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2700&min_rtt=593&rtt_var=2857&sent=738&recv=127&lost=0&retrans=1&sent_bytes=765861&recv_bytes=23321&delivery_rate=5543107&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=1217&x=1", cfExtPri, cfHdrFlush;dur=0

104.18.95.41

200 OK

227 kB

URL POST
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/151524246:1747243110:1i_nmBIk_XjGZqbN3IZem3REpsI-W05BQMRtE04Duao/93fc6b5b1c2956be/faNrKsibbzTQpT7XFvyr9x7Rink4Q.O.Lp.55gjJOnI-1747246929-1.2.1.1-2QG9DOnF7ufNTiB1GUAJ_XZyIwY2Cr3STj2QblulLfHzTwsZ0JqEivKVouTUZS8K
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
227 kB (227248 bytes)
Hash
865668534a5e41461f61f7878c6ff894
8a9c1c405d3aeb127938e5c08a0416ff560b1cb4
57582cbe4f8c772a518ae777c28d72ea06175e758e3e37db11f47d8ba9e8223d

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/151524246:1747243110:1i_nmBIk_XjGZqbN3IZem3REpsI-W05BQMRtE04Duao/93fc6b5b1c2956be/faNrKsibbzTQpT7XFvyr9x7Rink4Q.O.Lp.55gjJOnI-1747246929-1.2.1.1-2QG9DOnF7ufNTiB1GUAJ_XZyIwY2Cr3STj2QblulLfHzTwsZ0JqEivKVouTUZS8K HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/4tk4t/0x4AAAAAABAIlUUHcM-j1lp-/auto/fbE/new/normal/auto/
cf-chl: faNrKsibbzTQpT7XFvyr9x7Rink4Q.O.Lp.55gjJOnI-1747246929-1.2.1.1-2QG9DOnF7ufNTiB1GUAJ_XZyIwY2Cr3STj2QblulLfHzTwsZ0JqEivKVouTUZS8K
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 3264
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:09 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: n5GDJJ3+ohyXjNrBlitXeXIR8HaHkFq4kAympPq6xwuio4CXsXu/oMzRnGYv9a8BR2Ep2UAkC9V0Ubo8365yoGuUZ9O9DTFZz8IT0EAmdOKRHrEQ6NxxCaqnKAbNuXtc2RV7+Yn4m1yEODR1+/EMaT5rXkEJI7ww6oFBJtTld1Ig97PaIQpK8OVxNF3o/xOj6L1k2oYyNxT4+FYg1CzpUAwvWkdt09Zdv4MolSeshN0VmQpBPcojTry7XHb66aPTs2PEpCEwHhURytsXtY8JCT21JobVlgYEMfV+XTmWGLWykQgNRp2qNV6n2jt46tPp4EtemPqemO4W6THPvUGLjph2GJT0Tyd58OStACiRn9SytcA8G6Oi9G8ohzZZi5qdMZK+vxFWLXVS6idRX7P8kl4AbJJU6T2QzpnaL3wmwIOfnHTpJ2Q1oT7x7fWhxusRNo21y0XEX3rILORfZ+m5QSXFk7QTtMUB+LAzKUG1s76XYcDVFZ9Hid7BNJ6RY+GVUrBvsW2eSQoZFDIw+z4VRTYvpIYgQ62jIdQqaEJW63Fm2z9xtI/4XTwIBpwL7U2mAj2iH2YFW38Oj/AZMTzWbJHDorpX4z8+8N72IsA52BHZAigTK0YVBzIDyjXrUYIpH3QqAYPrK6qsO4OA0mlzi2YyBxEpZdWSUZGxvRcVRETHEAsGCVCHVNcIIFMo9NBwyxFBqiW1kF3qLupBNLysIrCiwJqH8I+1bYHIQEkddmpeszCZ3hciiwPSnY7wnCe9nTtSmiQPUMMVVTtktEUSHw==$YAK/YvUF7osrAnBY3f4uvw==
priority: u=3,i=?0
server: cloudflare
cf-ray: 93fc6b5df98d56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

cdn.jsdelivr.net/npm/swiper@10/swiper-bundle.min.css?ver=10

104.16.175.226

200 OK

18 kB

URL GET
cdn.jsdelivr.net/npm/swiper@10/swiper-bundle.min.css?ver=10
IP
104.16.175.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
ASCII text, with very long lines (18192)
Size
18 kB (18451 bytes)
Hash
eb21d0f0053cd0b33a1e2107e95156d2
715460aed84071944bc26b7cb1e565f3ed107221
79a42e24b867ff52d9e4d766b96d8882c83f18e7442408a41c4b09a043dffccb

HTTP Headers

GET /npm/swiper@10/swiper-bundle.min.css?ver=10 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 14 May 2025 18:22:06 GMT
content-type: text/css; charset=utf-8
content-length: 5121
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 10.3.1
x-jsd-version-type: version
etag: W/"4813-cVRgrthAcZRLwmt8seVl8+0QciE"
content-encoding: br
x-served-by: cache-fra-eddf8230084-FRA, cache-lga21964-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 18394
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVTlvLfhDVbPD%2B4Rp24by5e9WbGH9jHm7SrULjtxLAkR5izQP1%2BuOkmyi5RcklViMtnOfSL6oP2%2FjarAXdCmAROSPaFskz%2FIsD2zesrvSvsptKlhKNfQE5ANNpXqwFkoYHo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93fc6b4d4cfcb503-OSL
X-Firefox-Spdy: h2

www.financescam.com/wp-content/uploads/2022/07/advisercheck.png

104.26.9.7

200 OK

7.9 kB

URL GET
www.financescam.com/wp-content/uploads/2022/07/advisercheck.png
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.9 kB (7936 bytes)
Hash
8bcf3265a20dff2f820a6830e1669700
c34912daf62b72dbb4cd7aca61fe6b631ad1109a
9cec3fdf789c4b393b1d09934342fc4e48649f1907d4f8daee2e1351fae3d95f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/07/advisercheck.png HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: image/webp
content-length: 7936
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d6dca0b3d-OSL
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=14690
content-disposition: inline; filename="advisercheck.webp"
vary: Accept
etag: "681096c0-3962"
last-modified: Tue, 29 Apr 2025 09:07:12 GMT
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7OJUD4C1pknOVGP%2BleNl1snAf0xBkPsiHeQ7LnuBFXM7oYrr673pDADvRcviliUH1WK4Qo4iHrGweQr8%2FmOp2AIgLZAT3sNKfNEiE09Bw7likA1hvkIXieaDpa9WwQHVlLzNaTg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1285&min_rtt=807&rtt_var=278&sent=201&recv=80&lost=0&retrans=0&sent_bytes=169613&recv_bytes=18812&delivery_rate=405194&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=573&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.28.4

104.26.9.7

200 OK

45 kB

URL GET
www.financescam.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.28.4
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (44664)
Size
45 kB (44708 bytes)
Hash
3a11a2f72761b93d8d453d3681ba3947
4e5b7e8e49f3799ba459137c933fc933b0016cae
bc669c112975fb8b076774eba29914a37d28d43a4e418c083be917b51f730efb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.28.4 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f18500b3d-OSL
last-modified: Tue, 06 May 2025 14:59:56 GMT
vary: Accept-Encoding
etag: W/"681a23ec-aea4"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nRpeV4KerwI7RjSUm5tJIJIFcZ5zwxiEu5Ujox%2Byp3wTn44kAjN1878UVqjorCr4gebB32TEVNNBkvqIG3xwjTJJ8U%2BCM4FrtBoB4F016HwwrbLwwm61vBVvtDoGQp%2FfjiJaTIE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1891&min_rtt=593&rtt_var=677&sent=491&recv=103&lost=0&retrans=1&sent_bytes=495390&recv_bytes=21346&delivery_rate=3322568&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=832&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/themes/financescam/assets/sanfranciscoprodisplay/SF-Pro-Display-Medium.otf

104.26.9.7

404 Not Found

184 kB

URL GET
www.financescam.com/wp-content/themes/financescam/assets/sanfranciscoprodisplay/SF-Pro-Display-Medium.otf
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8856)
Size
184 kB (184179 bytes)
Hash
ce1f13c0de42d5320d2d165cb0f6c41b
248ff7d177ea29d2bde274e896e3af4426ae1f2d
d75a00a670a82ad3e16c5205883fecee1a3470dc5c116924006148d8e2546406

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/financescam/assets/sanfranciscoprodisplay/SF-Pro-Display-Medium.otf HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/wp-content/themes/financescam/assets/styles.css?ver=2.6.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/html; charset=UTF-8
cf-ray: 93fc6b511b9c0b3d-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cf-edge-cache: cache,platform=wordpress
expires: Wed, 11 Jan 1984 05:00:00 GMT
x-cache: HIT
cache-control: max-age=43200
cf-cache-status: EXPIRED
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PMdiWB26GWR1xYg4rSYwKqEwQ%2B2UaX8Edb2UJ01qV5mLFDN9fyKVzQzxruKLr0QuMeeOeVyRliUqvCAt3iSDWBYeCy1La5vXGMFZWmCkSTl0JFlNWt2Mwkot8ohl%2Bf4TCxRuQoQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3140&min_rtt=593&rtt_var=3690&sent=711&recv=125&lost=0&retrans=1&sent_bytes=735870&recv_bytes=23231&delivery_rate=7595815&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=1208&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/themes/financescam/assets/sanfranciscoprodisplay/SF-Pro-Display-Bold.otf

104.26.9.7

404 Not Found

184 kB

URL GET
www.financescam.com/wp-content/themes/financescam/assets/sanfranciscoprodisplay/SF-Pro-Display-Bold.otf
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8856)
Size
184 kB (184179 bytes)
Hash
5cff0b3f19813bf08cbbed880bd9eb01
abcfeb2773b5be740ea27de04bc6b8a24864e7bd
7797b2d19f3279db507a7a56ffffa041afd776b649cf016acc5d867ebbe05ff2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/financescam/assets/sanfranciscoprodisplay/SF-Pro-Display-Bold.otf HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/wp-content/themes/financescam/assets/styles.css?ver=2.6.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/html; charset=UTF-8
cf-ray: 93fc6b511b9e0b3d-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cf-edge-cache: cache,platform=wordpress
expires: Wed, 11 Jan 1984 05:00:00 GMT
x-cache: HIT
cache-control: max-age=43200
cf-cache-status: EXPIRED
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iehR0lAQTvbwxb4KwBpEYMHs8D%2BYCyWe9x4D6RAFdSxofGomuzm4q17F1p7Z2pizDLSQY6Gj3inJ7n74s%2B2SrbMkjbU%2BqbZ5uMC9%2F%2FjEKA7KyLFaLcROqIMwi5wTPCQeifz5j6g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1687&min_rtt=593&rtt_var=671&sent=618&recv=118&lost=0&retrans=1&sent_bytes=634057&recv_bytes=22673&delivery_rate=4004785&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=1006&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js?

104.26.9.7

200 OK

8.4 kB

URL GET
www.financescam.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js?
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (8371), with no line terminators
Size
8.4 kB (8371 bytes)
Hash
f2b391f712a75d91580288e90497b042
6d762ec1368e1888376c08309f7d94b3998a3f67
8c8c48d1b4f4b4afb81de65f03af6dbaebf448c7831ebd1b0029ec889430a9db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js? HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _ga_2XDSQEPGRY=GS2.1.s1747246928$o1$g0$t1747246928$j0$l0$h0; _ga=GA1.1.1545096040.1747246929
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:08 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 93fc6b59b8800b3d-OSL
server: cloudflare
content-encoding: br
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BrpREbpYhJmjQNzwI3QVw72G9gYjZbqVPw6fb6oHTIAadTTEhq8JqgYEecl0flYLpDTaf2EbsdlYNXnHdDujWLpU5i%2F9cpcJ5vorrNIZ4iJ8GmeKkDA5YNDECcLBKxKz2ZDvn0A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1480&min_rtt=593&rtt_var=846&sent=825&recv=143&lost=0&retrans=1&sent_bytes=855382&recv_bytes=25580&delivery_rate=20404&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=2206&x=1", cfExtPri, cfHdrFlush;dur=0

cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css?ver=2.3.4

104.17.25.14

200 OK

1.0 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css?ver=2.3.4
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
ASCII text, with very long lines (846)
Size
1.0 kB (1013 bytes)
Hash
594b81805a98b267e47c70a8fad30d9f
684d84ec40b305ca14efc88c91f12972cb6342b4
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

HTTP Headers

GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css?ver=2.3.4 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 14 May 2025 18:22:06 GMT
content-type: text/css; charset=utf-8
content-length: 331
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 93fc6b4d4da90b3d-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-3f5"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 482816
expires: Mon, 04 May 2026 18:22:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQEPzWDPPNosjCfqAodNQRDXa5%2FCOiHvDn1eqwYmKge9GbBZIvcNrs7Wc8pS3vTVgrI6zZOpc8BSK20Uljm0VzaEf%2FdoTPdtBmwUyjyTpq1LgqZf1YNpPOMatuynDJlTEJoOmrX%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.financescam.com/wp-content/plugins/elementor/assets/css/widget-heading.min.css?ver=3.28.4

104.26.9.7

200 OK

600 B

URL GET
www.financescam.com/wp-content/plugins/elementor/assets/css/widget-heading.min.css?ver=3.28.4
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text, with very long lines (560)
Size
600 B (600 bytes)
Hash
fa434820af29fc345499439dd44fca18
8873e73e5281a9de3de098d6c2f00391e01b4093
65c23baecdf5ab753fd016a18220ce3f29ed474f957354f73b1be41ca056f21e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/widget-heading.min.css?ver=3.28.4 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d1d450b3d-OSL
last-modified: Wed, 23 Apr 2025 16:18:09 GMT
vary: Accept-Encoding
etag: W/"680912c1-258"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uouo83MJZ4XyFjmO5PZOyhmsajTtFdLslqtUwTdXXvd56tVGtXGvAstqtXUNMbwbUUJGEgkR3Oq%2BjzCZUW2nsCcBt8suwNwHyUNYz6VplB25GKip2NQFDHTj187%2F3mWyAL%2Fsmmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1803&min_rtt=807&rtt_var=895&sent=128&recv=69&lost=0&retrans=0&sent_bytes=99678&recv_bytes=18289&delivery_rate=702&cwnd=24000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=519&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/link-whisper-premium/js/frontend.min.js?ver=1746783846

104.26.9.7

200 OK

4.7 kB

URL GET
www.financescam.com/wp-content/plugins/link-whisper-premium/js/frontend.min.js?ver=1746783846
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (4663), with no line terminators
Size
4.7 kB (4663 bytes)
Hash
d9a30605c441336d4af052e900000fb8
e563d2aa3411154291aa305b4912155259e3e72c
51961b2c0bdbfaa3f8cb21e59d2ae04e029c44edd84d95e8fb4b67ca55e26b8c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/link-whisper-premium/js/frontend.min.js?ver=1746783846 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f08200b3d-OSL
last-modified: Fri, 09 May 2025 09:44:06 GMT
vary: Accept-Encoding
etag: W/"681dce66-1237"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjw5Z9csTlTK7TZHwdQJFBB1rSJuqJX4L3xBNTMCbZATJLegM3QdR4N9wlkAyGw82rUhlMqISAsi3Bj8l7eqCGpVpog9WCFLxIQo0onFPMra38Lkh7NKMQthQRFA6KrZfC4pCkM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2130&min_rtt=593&rtt_var=978&sent=581&recv=110&lost=0&retrans=1&sent_bytes=594429&recv_bytes=21666&delivery_rate=1611165&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=865&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.28.4

104.26.9.7

200 OK

53 kB

URL GET
www.financescam.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.28.4
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text, with very long lines (53235)
Size
53 kB (53275 bytes)
Hash
16ce941e0315f7109260afa59bdd3c8a
1ebf348a6bf5398bb9634e242f8d794739d03856
f3bf429b6804a9e3ff545d2c39123a1623c701d207a93fa422cec99ec932148c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.28.4 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d1d3f0b3d-OSL
last-modified: Wed, 23 Apr 2025 16:18:09 GMT
vary: Accept-Encoding
etag: W/"680912c1-d01b"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q6XNxsdjOaNRQNVN8cyNMcEleaAIZ%2BgzHRGgsATH3cWXV3qzMVSRtnmZxJbCVUhf22JiZYAAPOkGAYwRiynCXb%2F8CrKGoQy%2B6%2BXHA%2BkZEjOBLtARW%2BfOSmHZp1%2BK7ncbYO1EpEU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1803&min_rtt=807&rtt_var=895&sent=128&recv=69&lost=0&retrans=0&sent_bytes=99678&recv_bytes=18289&delivery_rate=702&cwnd=24000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=519&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/themes/financescam/js/loadmore.js

104.26.9.7

404 Not Found

184 kB

URL GET
www.financescam.com/wp-content/themes/financescam/js/loadmore.js
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8856)
Size
184 kB (184179 bytes)
Hash
fc90fcb02bde4d893dba5d722dff6ba6
77c5cb8c3210f3a25fe0686e9f9870737639767c
38e0826027a5aa6009efa9212c28bdf7b03d83df25e065d3857e41ac0e4e9e11

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/financescam/js/loadmore.js HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/html; charset=UTF-8
cf-ray: 93fc6b4f082c0b3d-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cf-edge-cache: cache,platform=wordpress
expires: Wed, 11 Jan 1984 05:00:00 GMT
x-cache: HIT
cache-control: max-age=43200
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K7h%2BQ0PNFCEXp6I1oOFEzMXRT4MKjyZS4RAbw00nfZTs8S1ZhAGRvGtyjMEj9igtZ68MeBJE7edhADxW7mQT0W422TXZd%2B8MP2GJifiVYunc%2BY78rwUZUXcBJBxsugfhSPHvHRQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1991&min_rtt=593&rtt_var=1012&sent=589&recv=111&lost=0&retrans=1&sent_bytes=602846&recv_bytes=21713&delivery_rate=1741729&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=868&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3

104.26.9.7

200 OK

22 kB

URL GET
www.financescam.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (8189)
Size
22 kB (21464 bytes)
Hash
da215ae12b95b3aeeb2047667016c7f8
480a7087aa74b5b47c47f05a11670e823a3ae4c0
699210a5ed06e497b4730ec83bb65ac4c2269ae4a0ee8af3f24aae7ee5b66b76

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.3 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f184c0b3d-OSL
last-modified: Tue, 15 Apr 2025 23:24:52 GMT
vary: Accept-Encoding
etag: W/"67feeac4-53d8"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ElPUHlOh2mz3ibPiikDAHqfOEBAplO%2FIlTG0kOl0suDU3pg7kqX%2Bybl1n0eQxYJcSfen23vbUoRth2m7KvCE4i6Qn2xa1Xql59t4QfIL4EQmalF7Or9TwlCJ3eOsAf67%2FbeEzKQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1742&min_rtt=593&rtt_var=392&sent=533&recv=107&lost=0&retrans=1&sent_bytes=539953&recv_bytes=21528&delivery_rate=2789287&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=851&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/themes/financescam/assets/sanfranciscoprodisplay/SF-Pro-Display-Black.otf

104.26.9.7

404 Not Found

184 kB

URL GET
www.financescam.com/wp-content/themes/financescam/assets/sanfranciscoprodisplay/SF-Pro-Display-Black.otf
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8856)
Size
184 kB (184179 bytes)
Hash
dd8c67639fb9d6d19d77af53076b6a0a
ec27be5630736d2ba8b6a9b8117b1c587721dbad
53b73ebd43bc7931aded19f38ed9e9154e911267ec46ad91b6c27cab3145d6eb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/financescam/assets/sanfranciscoprodisplay/SF-Pro-Display-Black.otf HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/wp-content/themes/financescam/assets/styles.css?ver=2.6.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/html; charset=UTF-8
cf-ray: 93fc6b512ba00b3d-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cf-edge-cache: cache,platform=wordpress
expires: Wed, 11 Jan 1984 05:00:00 GMT
x-cache: HIT
cache-control: max-age=43200
cf-cache-status: EXPIRED
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OHuqXbsWwVS6pX13ioJ7CKhzF5WDGnR05hpMjSvZrZD7FY5jrmHzBV%2FQAf3fOWtLVC9Q%2F6wbfv7Axnw%2BmPUH50lgVw0mw6u8fNU3rx00foM5vrM8znpdMYDuGrv%2FEyKRm1mVfI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3759&min_rtt=593&rtt_var=4599&sent=682&recv=123&lost=0&retrans=1&sent_bytes=705850&recv_bytes=23142&delivery_rate=1089934&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=1200&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1

104.26.9.7

200 OK

116 kB

URL GET
www.financescam.com/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
ASCII text, with very long lines (55654)
Size
116 kB (116363 bytes)
Hash
dfe67cbbac3da53fdbbaed71c91db428
8c82643ef63a8389c1b800b7c5d0af9d684b8b24
597ddfdee7171750c16ec5aafd392cf992e9c53386d6bb6061d48e30334f09e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.8.1 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4d0d260b3d-OSL
last-modified: Tue, 15 Apr 2025 23:24:52 GMT
vary: Accept-Encoding
etag: W/"67feeac4-1c68b"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e0hjiMOOWilOIBPuWYu9jVnzfeiKmlDOI4lM93mSjqR3dr4jbPzPR8Z%2B5%2B5pS130nLPYkw3XEZITo%2FGmZBS%2FQVueUowWsy3Tj2xUtzHreknSlqqRGYn10TWbSGX4IC%2FLrdJK3Mo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1803&min_rtt=807&rtt_var=895&sent=118&recv=69&lost=0&retrans=0&sent_bytes=87678&recv_bytes=18289&delivery_rate=702&cwnd=24000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=518&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.2.1

104.26.9.7

200 OK

24 kB

URL GET
www.financescam.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.2.1
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (24021)
Size
24 kB (24109 bytes)
Hash
9e7c898d1649315173db5d2d8730fb75
364a6836a90b28329404b7d7f58a524861ef63f5
f9b60ae2f2938c589960ef00d9b9a644f0847f7183f597cdc3fbf8cfe904c552

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.2.1 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f08300b3d-OSL
last-modified: Tue, 06 May 2025 14:59:56 GMT
vary: Accept-Encoding
etag: W/"681a23ec-5e2d"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=reSYykIR%2FfOqA0KUgZzM2HZtXqWrR%2F2eodt1mfAafNwvuQa8Hu4eNWxrFAXysZdtMUtvToMFmwxQgJznNxpd0oOFqFRMPyJFfqs9vLwgM3FiFBZVUGWgKoSAHHlfn%2FkEOh0sPAE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1783&min_rtt=593&rtt_var=378&sent=574&recv=109&lost=0&retrans=1&sent_bytes=586450&recv_bytes=21619&delivery_rate=13526521&cwnd=96000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=855&x=1", cfExtPri, cfHdrFlush;dur=0

www.financescam.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.28.4

104.26.9.7

200 OK

6.3 kB

URL GET
www.financescam.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.28.4
IP
104.26.9.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.financescam.com/legal/
Certificate
IssuerGoogle Trust Services
Subjectfinancescam.com
Fingerprint10:8C:9A:11:52:28:01:55:5A:B5:D5:B1:27:BD:A4:43:49:42:9E:83
ValidityThu, 01 May 2025 23:39:18 GMT - Thu, 31 Jul 2025 00:39:14 GMT

File type
JavaScript source, ASCII text, with very long lines (6219)
Size
6.3 kB (6263 bytes)
Hash
706e4597d9871a9237a5f634bdd8726f
9dca4d973cdbcdfabcabeb2672a4cad50b3109da
a0985cfb51555fd37a270d7c1fae611a1b500b0d1cb7c06279b80916e1df898f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.28.4 HTTP/1.1
Host: www.financescam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.financescam.com/legal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 14 May 2025 18:22:07 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93fc6b4f183c0b3d-OSL
last-modified: Tue, 06 May 2025 14:59:56 GMT
vary: Accept-Encoding
etag: W/"681a23ec-1877"
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LbYNbYlw1VBUngc9tnKWMiajGUhTVGp7iuFGHheFg%2FsvhUM3F7Ry%2BQD9kxMM%2FP2PtBx3wvpe6j7p3oAfkct%2BxPgcKlGUJyc51jIAJhQyDzc1Fe4BbB3PenhL2gDZunpaM2eQtNM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1879&min_rtt=807&rtt_var=1320&sent=217&recv=83&lost=0&retrans=0&sent_bytes=186253&recv_bytes=18959&delivery_rate=2940953&cwnd=48000&unsent_bytes=0&cid=36f805748b1c4cf7&ts=625&x=1", cfExtPri, cfHdrFlush;dur=0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (117)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML