r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a4074549843769a3da3f055bcb5a78ff
f99062d34cf71bda6a9c64061fb9e61008f94021
895e3801806f031611a25bec5652cc1a46dfa76ea6784f5064d859c1a5b9ddf7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "895E3801806F031611A25BEC5652CC1A46DFA76EA6784F5064D859C1A5B9DDF7"
Last-Modified: Tue, 04 Apr 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17828
Expires: Wed, 05 Apr 2023 03:51:56 GMT
Date: Tue, 04 Apr 2023 22:54:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e50dac5108a698d61ca49516033d1a20
53d243b89fc00deb9bfae07351bbe36ddb7c1df3
e9e0ad98c485b56fe65ea0a8bc4974fff3f804fcf2d8f6266ada9acd27c7b7cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9E0AD98C485B56FE65EA0A8BC4974FFF3F804FCF2D8F6266ADA9ACD27C7B7CC"
Last-Modified: Tue, 04 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12448
Expires: Wed, 05 Apr 2023 02:22:16 GMT
Date: Tue, 04 Apr 2023 22:54:48 GMT
Connection: keep-alive
cash2gofinancial.com/wp-content/cgi/v4.zip
50.28.18.203 301 Moved Permanently 258 B URL HTTP/1.1 cash2gofinancial.com/wp-content/cgi/v4.zip
IP 50.28.18.203:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2aaeee374acc52bc9079c4cd71c34796
bad962aabbe59958459d0b27a99af824ab82a863
b143caea044ab44a2f99749e6d0f76cebb056e5924be07b8f0dd5dc3b0406c46
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cgi/v4.zip HTTP/1.1
Host: cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Apr 2023 22:54:48 GMT
Server: Apache
Location: https://cash2gofinancial.com/wp-content/cgi/v4.zip
Cache-Control: max-age=0
Expires: Tue, 04 Apr 2023 22:54:48 GMT
Content-Length: 258
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 29fdbcd53b5646cfcdd46510063734c4
85e3ceda5ef130219f4fe8a31e52e2690c8f7d8e
24c27586332c016685e6231fec5836e921048d8aaefbcd4cd6f88969f9d91e18
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 04 Apr 2023 22:16:42 GMT
content-type: application/json
age: 2286
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 903ed2d58f1f33d069b70c4b53f1cb1f
0ef89cd6eb79a2ddd74434f9233cf486fffc1142
d8c984b50f04fcdb1ebc99d982502d85193302c85239ee7497666247edfc0061
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8C984B50F04FCDB1EBC99D982502D85193302C85239EE7497666247EDFC0061"
Last-Modified: Sun, 02 Apr 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21436
Expires: Wed, 05 Apr 2023 04:52:04 GMT
Date: Tue, 04 Apr 2023 22:54:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 95f61d351f5fc9533cc78e255ce9bc06
fba284117f347782ac23c51d141d7e3ec15a867e
7fcc5f9e52e389d8d7c6df7f1f2a1291ae0aaae8e554f3022239ab092b2ef3c3
GET /chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hWCbFEBo+nsul1hvqJfUtukBQTQcdmH5h3NxpH56lX4IfT1TM1aB3M8yt+wyVhoivtJA4bzBAKo=
x-amz-request-id: 62S18JHYFPPG26HJ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Apr 2023 22:53:23 GMT
age: 85
last-modified: Fri, 31 Mar 2023 17:04:39 GMT
etag: "95f61d351f5fc9533cc78e255ce9bc06"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 22:54:48 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 27326a64990c6f698a83600491674790
a6bdb4743ace6be80673f6899605bf9177a75b69
e4a8d3c3016130e47580098183bcea5ae369697b7907eafd65ac3450dc2eb265
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4A8D3C3016130E47580098183BCEA5AE369697B7907EAFD65AC3450DC2EB265"
Last-Modified: Mon, 03 Apr 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5989
Expires: Wed, 05 Apr 2023 00:34:38 GMT
Date: Tue, 04 Apr 2023 22:54:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Backoff, Last-Modified, Alert, Content-Length, Pragma, Cache-Control, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 04 Apr 2023 22:14:45 GMT
age: 2404
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.117.65.55 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: v6noCPQiPierq6nxkiD8jA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ONmShIZq6GE9fdzxJlK7eO+vp2s=
Date: Tue, 04 Apr 2023 22:54:49 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cash2gofinancial.com/wp-content/cgi/v4.zip
50.28.18.203 301 Moved Permanently 0 B URL HTTP/2 cash2gofinancial.com/wp-content/cgi/v4.zip
IP 50.28.18.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cgi/v4.zip HTTP/1.1
Host: cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
set-cookie: apbct_timestamp=1680648889; path=/; secure; HttpOnly; SameSite=Lax
apbct_site_landing_ts=1680648889; path=/; secure; HttpOnly; SameSite=Lax
apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=Lax
apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522ca5e58236e3ddc34f9cbc5e5cd7bd842%2522%257D; path=/; secure; HttpOnly; SameSite=Lax
apbct_urls=%7B%22cash2gofinancial.com%2Fwp-content%2Fcgi%2Fv4.zip%22%3A%5B1680648889%5D%7D; expires=Fri, 07-Apr-2023 22:54:49 GMT; Max-Age=259200; path=/; domain=www.cash2gofinancial.com; secure; HttpOnly; SameSite=Lax
apbct_site_referer=UNKNOWN; expires=Fri, 07-Apr-2023 22:54:49 GMT; Max-Age=259200; path=/; domain=www.cash2gofinancial.com; secure; HttpOnly; SameSite=Lax
ct_sfw_pass_key=2c0e404f94643917d9118149359ba7e10; expires=Thu, 04-May-2023 22:54:49 GMT; Max-Age=2592000; path=/; secure; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
location: https://www.cash2gofinancial.com
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 04 Apr 2023 22:54:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/
50.28.18.203 200 OK 26 kB URL HTTP/2 www.cash2gofinancial.com/
IP 50.28.18.203:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (10467), with CRLF, LF line terminators
Hash db2e175e95089403cf83f0d39445cd2f
cd3824d801dd0a9911c94176828eea84b8efbd4a
b3cbfdb3e392690374d69df0b91aab2f2417d6e371127c1aa723b5baefd2c75f
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
last-modified: Tue, 04 Apr 2023 16:36:53 GMT
accept-ranges: bytes
content-length: 26428
cache-control: max-age=0
expires: Tue, 04 Apr 2023 22:54:50 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14 200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Apr 2023 22:54:50 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3048568
expires: Sun, 24 Mar 2024 22:54:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38GZZ9p9sehsjtYmALYmf8hXwJZsF0YuA%2Fqh51Bhu07QBD0pHBPvPiukjHGFXEnxwXiKu2u%2FyOXH7uPboLYM020%2B196N5rmeIc9TVrWz2jIj8onGJz5FGLetLCnCjNDiij%2BqLSxl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7b2d22aeeebf0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-includes/js/thickbox/thickbox.css?ver=6.1.1
50.28.18.203 200 OK 939 B URL HTTP/2 www.cash2gofinancial.com/wp-includes/js/thickbox/thickbox.css?ver=6.1.1
IP 50.28.18.203:0
Hash ba202c3af960a44cdd8ab5152650dca4
f1b0452b648dd92566947e572547be1fad735d69
b09840646b82209db604123f68711b1d0859c6cf7ec154594c5d7a25911fe658
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/thickbox/thickbox.css?ver=6.1.1 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Wed, 17 Aug 2022 07:34:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 939
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=6.7
50.28.18.203 200 OK 548 B URL HTTP/2 www.cash2gofinancial.com/wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=6.7
IP 50.28.18.203:0
File type ASCII text, with very long lines (1268), with no line terminators
Hash eee97d3b975719eba52253a1a0cb70c0
e83442f555d64c283c021111d50652fe29443739
76277c9423c8ac0ab0da78610a32ed677234d59afefa8ee44f39cec757e0e941
GET /wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=6.7 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Thu, 30 Mar 2023 16:24:20 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 548
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
50.28.18.203 200 OK 12 kB URL HTTP/2 www.cash2gofinancial.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 50.28.18.203:0
File type ASCII text, with very long lines (47826)
Hash 8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Wed, 16 Nov 2022 00:11:58 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 12518
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/themes/theme19/css/owl.carousel.css
50.28.18.203 200 OK 1.4 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/themes/theme19/css/owl.carousel.css
IP 50.28.18.203:0
Hash c4f140e9c23c8fea3e35a73aaf166d20
da5e7d62ee8a1ca5b6f47d84d39a0336e6a9e72b
9df7553202b710155aeb66167d387ee65e8a96b7fe1323a73bcd89e2a733d040
GET /wp-content/themes/theme19/css/owl.carousel.css HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Fri, 20 Apr 2018 13:22:10 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 1387
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/themes/theme19/responsive.css
50.28.18.203 200 OK 7.7 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/themes/theme19/responsive.css
IP 50.28.18.203:0
Hash 467624058de4f7101af11beff19b9581
d9732f4c9d418e3d6596b14a93a1f1605847288b
0eae069df88b8d7965a9a8ea2155b5f71be60c29a63aa716cb174fea73f305e8
GET /wp-content/themes/theme19/responsive.css HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Mon, 06 Mar 2023 07:12:09 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 7706
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-includes/css/classic-themes.min.css?ver=1
50.28.18.203 200 OK 189 B URL HTTP/2 www.cash2gofinancial.com/wp-includes/css/classic-themes.min.css?ver=1
IP 50.28.18.203:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Mon, 07 Nov 2022 20:35:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 189
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-includes/css/dashicons.min.css?ver=6.1.1
50.28.18.203 200 OK 36 kB URL HTTP/2 www.cash2gofinancial.com/wp-includes/css/dashicons.min.css?ver=6.1.1
IP 50.28.18.203:0
File type ASCII text, with very long lines (58981)
Hash 00492d322e5572c7abc3e8701b6c52c1
0802ac2c8280ce7c98af881b1d49ec682acbf314
8bc01632cbc3ab834e04141d444ff82b05a4691444d70a9860477710e330b824
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Wed, 17 Aug 2022 07:14:04 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 35730
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.236
50.28.18.203 200 OK 3.4 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.236
IP 50.28.18.203:0
File type ASCII text, with very long lines (14979), with no line terminators
Hash 6e976e38293c78f3fecbe2040d309762
772be42cb3f7a76c8fd3501ee447a5ceeed28a0d
5fffc887bffdbe8eba0c2aa723e85adabeb34207939ea8cc3722eb21d39bb795
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.236 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Tue, 21 Feb 2023 17:35:41 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 3368
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.3.9
50.28.18.203 200 OK 1.1 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.3.9
IP 50.28.18.203:0
Hash 755f697ddd308f2f8634766519c1f184
a16290c1a20fd723a2bc5c83e289b73ccb46fb66
6be2c577fd6bf63080c7e007f8c32cc7c2d61e1d9135774b0c3d6aad8b96d156
GET /wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.3.9 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Thu, 30 Mar 2023 16:24:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 1109
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/themes/theme19/style.css?ver=1.6
50.28.18.203 200 OK 16 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/themes/theme19/style.css?ver=1.6
IP 50.28.18.203:0
File type ASCII text, with very long lines (397)
Hash aa50cbac5bd89ad7105c90392ea740e9
c3f28f946c233985d54e5782f1ccbe982ec2be9b
bb0de6865b4d5813ba0be2a5756f13342b862c15ca2af1aed70da173edd46616
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/theme19/style.css?ver=1.6 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Tue, 21 Mar 2023 13:05:55 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 16271
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/01/client_logo7.jpg
50.28.18.203 200 OK 6.6 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/01/client_logo7.jpg
IP 50.28.18.203:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 297x155, components 3\012- data
Hash 559de87429f48ae816bd84de5f34c833
8677b44aeb15b23a1502f066dc522c20904f4675
f3901b38674b26b6d7038e371c4efd278f6f00018989849bc30e606ab8df0699
GET /wp-content/uploads/2022/01/client_logo7.jpg HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 05:17:35 GMT
accept-ranges: bytes
content-length: 6584
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/jpeg
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-foundation.min.css?ver=2.7.3
50.28.18.203 200 OK 6.7 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-foundation.min.css?ver=2.7.3
IP 50.28.18.203:0
File type ASCII text, with very long lines (45113), with no line terminators
Hash 64a06b37286be00e0f312a140bc973ae
8477ec4990a1ed86f31194aafd2d8dd04f802c4e
c29e89b65f0aca690e4b13751ef6401bef0c15896518a36367de581956b153fb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-foundation.min.css?ver=2.7.3 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Thu, 16 Mar 2023 00:11:52 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 6684
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 869fe4a8dc549ffa1023d3adc184e4f2
37b95d88dd3f6f251bb651b130e09b202850033f
9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8397
Expires: Wed, 05 Apr 2023 01:14:48 GMT
Date: Tue, 04 Apr 2023 22:54:51 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4741fb0e250c9bcfbf5ecf935786156a
b5ee9286de89da804036335ad071bcdf0bd69b6f
0273c45d6b16ec9f44aef454cfcc190ac3e953899347c346effb38e335806309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 22:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77527c77-7214-4edc-ac50-c610366aefd6.jpeg
34.120.237.76 200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77527c77-7214-4edc-ac50-c610366aefd6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c14dd9bfa7f1f37c711973900dbb5af
c8dea8f9cafcf7d108c93156f40537e78f7da88f
b99050909eb528f9c22201ed2f0f185edbb1f0b1e16631ef21dca72433e1e05d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77527c77-7214-4edc-ac50-c610366aefd6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3500
x-amzn-requestid: 5626e00a-90a4-42c5-bcbd-1ec24decfa47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C3yqqG0_oAMFTcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642c97dd-16eb602d2ac30b2521cc8165;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Tue, 04 Apr 2023 21:34:21 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: z3N_E-I5Av2Q7QhEUu5UNeFCxrzUIzu6eWwKQRu03HFutBSwr-xUYQ==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 21:39:50 GMT
age: 4501
etag: "c8dea8f9cafcf7d108c93156f40537e78f7da88f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79da5da9-3d26-4695-ae7f-58d008a2530b.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79da5da9-3d26-4695-ae7f-58d008a2530b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 20ff30ea98e9f9086ee28d4ac369e938
40aee6f21d4958a8e36bb9e9359a1784bb4e059d
1fa8c56d96a34e8971f580a83ef30b460b622d43ed7486ccb2c317366cb2179c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79da5da9-3d26-4695-ae7f-58d008a2530b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6606
x-amzn-requestid: 2e52472d-4c31-46af-b2e7-4ffc169c2222
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C34yhEGhIAMF1sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642ca1a9-4f0faa13315fe1e76cbb09a3;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Tue, 04 Apr 2023 22:16:09 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: -3eyeauXxMTnrWCD5BX_WX2pakIj6fexjGzeXiTotEkJi7tkQBFFjA==
via: 1.1 b6cdb2111444305bd4957a473b711ad6.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 22:49:16 GMT
age: 335
etag: "40aee6f21d4958a8e36bb9e9359a1784bb4e059d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e6c3e6-7fa8-45ee-8b20-f057b4f9a87c.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e6c3e6-7fa8-45ee-8b20-f057b4f9a87c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 368daf089289cba50cd12298597e78a4
f84ad2d3eacfd5aeefd918838f69fcc962c63e51
7a1b8d38402e819ae571d358a7f9b8e430d02ec622cb0434eedb3788849ffb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e6c3e6-7fa8-45ee-8b20-f057b4f9a87c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9371
x-amzn-requestid: a2353b11-26d6-4e26-bab1-79d407cbfa75
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C3yqqE4dIAMFfQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642c97dd-579eb6016ba594714b5f714f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Tue, 04 Apr 2023 21:34:21 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: WlmZ-_zXC7lDktPKC9fMfiaIhMi9MFmhaKBMIVGjjGje0sD6ZT2sFw==
via: 1.1 626ad4a6bf529166d2aad94a2957694c.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 21:40:40 GMT
age: 4451
etag: "f84ad2d3eacfd5aeefd918838f69fcc962c63e51"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd83b1ff-cffc-4bc4-bd3c-bc6bee996f8d.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd83b1ff-cffc-4bc4-bd3c-bc6bee996f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d37a005990b494f2fbb22b15e95355aa
6dd60d490f5ee8b5f9c8aaeeca5a7a9b7b6a3a4a
89fb008ff33bc826389dab4b4ae6e54f24800102e5ab4993d541ac1a9d2f91b8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd83b1ff-cffc-4bc4-bd3c-bc6bee996f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8166
x-amzn-requestid: c20672fe-1108-40c6-af1f-8c63f2524380
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cr60YHdWIAMFVSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6427d81b-7b7c250f5c9862e42bb65d0d;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Sat, 01 Apr 2023 07:07:07 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: EQ_IkbL70ACEqpp_sRChxfh_-LBixVnqDh0zLyhSXNXmf5WyMHYO7Q==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 15:04:20 GMT
age: 28231
etag: "6dd60d490f5ee8b5f9c8aaeeca5a7a9b7b6a3a4a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e436c7d-e108-4689-b94e-5ff6e0dfdf0a.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e436c7d-e108-4689-b94e-5ff6e0dfdf0a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd12555800d3b88954dfea270dc2e42e
1ef8b33524eacd8ea134937f55b2b4c704215992
0da83c486b906ca380982c4006e5b6d9235863056fb43945d74b55453ba07e8b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e436c7d-e108-4689-b94e-5ff6e0dfdf0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9667
x-amzn-requestid: 688e8919-43f5-461e-8fe2-c37f9d9d4771
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CoomuG7gIAMFWMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642687c4-4f0b41fe5abeb8af44317551;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 07:12:04 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Eg7iFXrRmw7NlzCTZaSqetbmBptwCFtp7h2ZIWf_on4gPlXUQp_2fA==
via: 1.1 53ee82a7eb57de316cba44c26680b4a6.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 18:34:53 GMT
age: 15598
etag: "1ef8b33524eacd8ea134937f55b2b4c704215992"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74ab7a15-f867-4797-989f-7adeb80e9c1e.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74ab7a15-f867-4797-989f-7adeb80e9c1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9132183080e6510ff7309e59efa59e75
9ce62f7aee64552638ff948e89b2ddf4f20bdff7
b888ab47550e87b46ed8377a0a6e8679fda7b2751473827bcba328aa4ce207ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74ab7a15-f867-4797-989f-7adeb80e9c1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5686
x-amzn-requestid: 3900b1cb-78c9-43d6-9c98-6f00d8635e3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CooSOHAaoAMF6RA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64268741-002861655352e48c6a833c80;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 07:09:53 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: XPqgiYowyfmy22TeKddE1Q7KybhFQNNaBi6XE7HRoCW9gWWIb-kVHA==
via: 1.1 50cc3f0b039433daebdf343a3f4489ae.cloudfront.net (CloudFront), 1.1 8cb7de37a1655236518810d0aabb8656.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 22:21:24 GMT
age: 2007
etag: "9ce62f7aee64552638ff948e89b2ddf4f20bdff7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/06/Blank-1000-x-536.jpeg
50.28.18.203 200 OK 178 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/06/Blank-1000-x-536.jpeg
IP 50.28.18.203:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, description=hispanic family with mother, father and son sitting in truck looking outside, manufacturer=SONY, model=ILCE-7M3, orientation=upper-left, xresolution=261, yresolution=269, resolutionunit=2, software=PicMonkey https://www.picmonkey.com, datetime=2019:03:03 03:07:40], progressive, precision 8, 1000x536, components 3\012- data
Size 178 kB (178531 bytes)
Hash 97f363d9adbcf98a274cb397326bad51
e53aac07cb5d40dba208c59e05bf820c947a5945
bb0e2dcd37349e0f4f6ab33f90ca9b65f1975e610828964e04b77b83ef29acf2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/06/Blank-1000-x-536.jpeg HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Wed, 15 Jun 2022 17:20:12 GMT
accept-ranges: bytes
content-length: 178531
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/jpeg
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/01/client_logo2.jpg
50.28.18.203 200 OK 5.9 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/01/client_logo2.jpg
IP 50.28.18.203:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 297x155, components 3\012- data
Hash fe8819dbc5d084dbafad0c965716a5ec
686cf76f0695f3248a6cdb726a0edb08e087f4b6
f09c9cb5a04737260335fa2b26bd4da240c15b0f10dfb2772bc2281d8ca52e9a
GET /wp-content/uploads/2022/01/client_logo2.jpg HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 05:17:16 GMT
accept-ranges: bytes
content-length: 5885
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/jpeg
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-reset.min.css?ver=2.7.3
50.28.18.203 200 OK 559 B URL HTTP/2 www.cash2gofinancial.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-reset.min.css?ver=2.7.3
IP 50.28.18.203:0
File type ASCII text, with very long lines (1502)
Hash 19a7c487dffdfc4ca7f39ad6c2d4bd08
0a93b4b516438485f8c1f9e2f390193808964e35
68ae4f8c030eb51a961752e06e1322f64e6b6f0b0c834537775754c58481baf1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-reset.min.css?ver=2.7.3 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Thu, 16 Mar 2023 00:11:52 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 559
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/01/client_logo3.jpg
50.28.18.203 200 OK 6.2 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/01/client_logo3.jpg
IP 50.28.18.203:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 297x155, components 3\012- data
Hash 34e40af458c229564b68f5fd9abefd57
ea4d1227a48656e40a44d8e855b62b4650e0c6b0
7fbbff12bcf457f16abaa7677481c4ae112091552e0e95d98e7e37f6922685c3
GET /wp-content/uploads/2022/01/client_logo3.jpg HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 05:17:20 GMT
accept-ranges: bytes
content-length: 6234
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/jpeg
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/01/ser_icon3.png
50.28.18.203 200 OK 2.4 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/01/ser_icon3.png
IP 50.28.18.203:0
File type PNG image data, 103 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash 5e16893c95477ca26e9d690d68ee1216
f445b618c39f983325d2ab56d8048be86676db1c
079b15ea2a9cb78837075893c464c733c83f76a6ca84daa5e0fba91a4d7afde8
GET /wp-content/uploads/2022/01/ser_icon3.png HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Mon, 17 Jan 2022 12:36:41 GMT
accept-ranges: bytes
content-length: 2359
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/png
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/01/ser_icon1.png
50.28.18.203 200 OK 3.9 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/01/ser_icon1.png
IP 50.28.18.203:0
File type PNG image data, 101 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash 458e9c69ca0e4407d7b06a6a56345eca
e33360a8c71eb84789eb03465f77c63f7b0390f1
385ce9e47e3f2c8443721095ebc4a01c0ab8a91758f14806557b7fe0664aec68
GET /wp-content/uploads/2022/01/ser_icon1.png HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Mon, 17 Jan 2022 12:36:08 GMT
accept-ranges: bytes
content-length: 3901
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/png
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/06/client_logo4.jpg
50.28.18.203 200 OK 8.6 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/06/client_logo4.jpg
IP 50.28.18.203:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 297x155, components 3\012- data
Hash 092826daf0d20ffb66a0cc8de82ac024
7e64d3ed3237411015c313e8f9f572dc67dda1a5
d5b5f89982a3907dcdbdc3de42bf663c0030b17511b884aead3b3c6558d68019
GET /wp-content/uploads/2022/06/client_logo4.jpg HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Wed, 15 Jun 2022 05:00:15 GMT
accept-ranges: bytes
content-length: 8643
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/jpeg
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/05/ser_iconn2.png
50.28.18.203 200 OK 1.9 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/05/ser_iconn2.png
IP 50.28.18.203:0
File type PNG image data, 95 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash 027ca8b59e76515478f7e44af4b9517d
24f4654b05d7766a471fd5c810d1032f398f5ba9
9f8fbee97f62a945725593ac0ae627e8860233428d3f53a0b33accff8cf1fa63
GET /wp-content/uploads/2022/05/ser_iconn2.png HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Wed, 11 May 2022 07:48:17 GMT
accept-ranges: bytes
content-length: 1856
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/png
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-orbital-theme.min.css?ver=2.7.3
50.28.18.203 200 OK 0 B URL HTTP/2 www.cash2gofinancial.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-orbital-theme.min.css?ver=2.7.3
IP 50.28.18.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-orbital-theme.min.css?ver=2.7.3 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Thu, 16 Mar 2023 00:11:52 GMT
accept-ranges: bytes
content-length: 0
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.7.3
50.28.18.203 200 OK 1.2 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.7.3
IP 50.28.18.203:0
File type ASCII text, with very long lines (8213), with no line terminators
Hash e8a2c6d759c5e6e749fbbb34d9eb54e6
0f0e36255a58029edda6c472d4c17d312d3040f5
7832041eca294c2b6d73a6390af39933d865a7b6093ed1900a9de30605ad8d55
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.7.3 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Thu, 16 Mar 2023 00:11:52 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 1171
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.7.3
50.28.18.203 200 OK 12 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.7.3
IP 50.28.18.203:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f33d4c5daf30eba0b10fd50e9e90c9fe
fdf7e64432f8714930b47cf245ef2a0568db6e26
5cb1c455971975e1858067e783349fd350e22654e2159cdc1e74a723f4322a6b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.7.3 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Thu, 16 Mar 2023 00:11:52 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 11533
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.7.3
50.28.18.203 200 OK 400 B URL HTTP/2 www.cash2gofinancial.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.7.3
IP 50.28.18.203:0
File type ASCII text, with very long lines (3860), with no line terminators
Hash 5afd8e35a9cd198fdf15600f9ecb3adc
4dc773bf113761d3ac0717ffe02726313431f46b
e950371baac0afb0dc18ee434c732d6d2a8e9caf1fedffaf802322ce7b01aecd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.7.3 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Thu, 16 Mar 2023 00:11:52 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 400
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.7.3
50.28.18.203 200 OK 3.3 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.7.3
IP 50.28.18.203:0
File type ASCII text, with very long lines (29294), with no line terminators
Hash 01efb707e3f25310d64cd75a63387fd6
69ca54884ef7eadab9d04925d17579ef11c4bacb
b83c9ccc3198b2c3ce10860b11a65d5fc36b89a57e3c04371244ac286a4a9f00
GET /wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.7.3 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Thu, 16 Mar 2023 00:11:52 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 3276
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-framework.min.css?ver=2.7.3
50.28.18.203 200 OK 18 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-framework.min.css?ver=2.7.3
IP 50.28.18.203:0
File type ASCII text, with very long lines (50037)
Hash a0e41a30fe70956d133fc17a11133f6b
3b04abbd69cf5242c9912caf16d1cfa524dad4c5
6d13198f40b6e1f62e1d42c1522309143d52be35747091a769cabac69cf7dc7f
GET /wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-framework.min.css?ver=2.7.3 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Thu, 16 Mar 2023 00:11:52 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:50 GMT
content-encoding: gzip
content-length: 18226
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/08/ftr-logo.png
50.28.18.203 200 OK 6.9 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/08/ftr-logo.png
IP 50.28.18.203:0
File type PNG image data, 300 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash 3acc5c998daa727c6587bfc3baac736e
4356f71d2ea3622fb246e553d64dfbf9d5cfbd7b
e36507d9c11447e084fb889efaf8619aa7564b21560f2d948581ba2c8a3502ac
GET /wp-content/uploads/2022/08/ftr-logo.png HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Mon, 22 Aug 2022 04:46:55 GMT
accept-ranges: bytes
content-length: 6942
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/png
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/01/ser_icon4.png
50.28.18.203 200 OK 1.8 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/01/ser_icon4.png
IP 50.28.18.203:0
File type PNG image data, 87 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c024133036e843b97d22f520ba24907
a98ae2b2f608fe46a8bf346dc1db46a565cf49fd
194d79711be4828005a371037323a23a9c4fb9471709f4b8f31704ec03192af3
GET /wp-content/uploads/2022/01/ser_icon4.png HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Mon, 17 Jan 2022 12:37:00 GMT
accept-ranges: bytes
content-length: 1800
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/png
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/06/client_logo10.jpg
50.28.18.203 200 OK 10 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/06/client_logo10.jpg
IP 50.28.18.203:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 297x155, components 3\012- data
Hash 942cb3ad3ad927608d0ea6f4491b3b4a
5bcbcd475de491c82354fdec1b91e622e8bb515e
dfe29b0a7ccacd83552a1c390e199a42ebbdd5a7a4c4f0e7954340462e762556
GET /wp-content/uploads/2022/06/client_logo10.jpg HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Wed, 15 Jun 2022 05:00:21 GMT
accept-ranges: bytes
content-length: 10101
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/jpeg
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/01/client_logo5.jpg
50.28.18.203 200 OK 5.7 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/01/client_logo5.jpg
IP 50.28.18.203:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 297x155, components 3\012- data
Hash 83513f038aebf4468a4c436d370d3b0d
ecd53f3fdcf5e6a6d70ce4b5b26fec6417046d0f
f3cc91d285b42b7331c3c16a6ec6013f7e4ffc72d8d7ef53edbed81231d8e06b
GET /wp-content/uploads/2022/01/client_logo5.jpg HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 05:17:27 GMT
accept-ranges: bytes
content-length: 5730
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/jpeg
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/01/client_logo8.jpg
50.28.18.203 200 OK 8.4 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/01/client_logo8.jpg
IP 50.28.18.203:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 297x155, components 3\012- data
Hash 8ec086076ede2d370f343e2f9c118cf3
8830fd434875711214767cff7e180c2b9f289072
5bb6cea06e820d466e14116eb0af1171efc0e581844f6bb43d6a9b7778c4224a
GET /wp-content/uploads/2022/01/client_logo8.jpg HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 05:17:39 GMT
accept-ranges: bytes
content-length: 8414
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/jpeg
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/01/client_logo6.jpg
50.28.18.203 200 OK 7.1 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/01/client_logo6.jpg
IP 50.28.18.203:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 297x155, components 3\012- data
Hash fa2ddcd0418d19a7577fdfa40ad3e162
ad608bf31f94a034d1544b030116985f86ce8951
6573d2819627d9b8b32b1c89580f4c1e7570c544629a2b6f747da43bff5c12bd
GET /wp-content/uploads/2022/01/client_logo6.jpg HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 05:17:31 GMT
accept-ranges: bytes
content-length: 7056
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/jpeg
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/06/client_logo9.jpg
50.28.18.203 200 OK 8.7 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/06/client_logo9.jpg
IP 50.28.18.203:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 297x155, components 3\012- data
Hash 912363de64f923a7e9a81993aba487e0
2c740f5682363f637d007f05da8d5189f32562b6
5b941e759420e6cb6a721935e18a15f9d0002405436b46fb80a0a4b2724bd7d9
GET /wp-content/uploads/2022/06/client_logo9.jpg HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Wed, 15 Jun 2022 05:00:18 GMT
accept-ranges: bytes
content-length: 8702
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/jpeg
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/08/Blank-297-x-155-1.png
50.28.18.203 200 OK 7.0 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/08/Blank-297-x-155-1.png
IP 50.28.18.203:0
File type PNG image data, 297 x 155, 8-bit/color RGBA, non-interlaced\012- data
Hash 1af3c27963368721c7ba178ffb6a76d8
8380bb8314a5e4a96e1a4d2a8383317bf866e25d
5fb89a28421566b3d5e0d5c4ce191c24bac4dba62b548dd5f7f6235bf754d2d2
GET /wp-content/uploads/2022/08/Blank-297-x-155-1.png HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Fri, 19 Aug 2022 16:06:14 GMT
accept-ranges: bytes
content-length: 7000
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/png
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/themes/theme19/images/logo.png
50.28.18.203 200 OK 37 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/themes/theme19/images/logo.png
IP 50.28.18.203:0
File type PNG image data, 294 x 91, 8-bit/color RGBA, non-interlaced\012- data
Hash 395c0ef02bd75e7b8b526627c3055e36
7643c1157ad0efc8987ed7ec24e00897fa71ee80
3d51b1825804bd6461cfd144b55215a150df742a1dff1d8adca754ed7b8776d9
GET /wp-content/themes/theme19/images/logo.png HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Mon, 22 Aug 2022 04:45:48 GMT
accept-ranges: bytes
content-length: 36934
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/png
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/01/AdobeStock_215630575-scaled-e1672781991541.jpeg
50.28.18.203 200 OK 99 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/01/AdobeStock_215630575-scaled-e1672781991541.jpeg
IP 50.28.18.203:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1200x750, components 3\012- data
Hash bd58faa6df7d853dbbe41c5e533d520a
7a2a674e30ce24373e6fd352c1c9846391b0e9ec
b1963bfef0a2c435b4475e06aaee59e9b3add2570d1b9d01d36fe3165f2da610
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/01/AdobeStock_215630575-scaled-e1672781991541.jpeg HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Tue, 03 Jan 2023 21:39:51 GMT
accept-ranges: bytes
content-length: 98819
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/jpeg
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/06/Blank-604-x-6507.jpeg
50.28.18.203 200 OK 189 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/06/Blank-604-x-6507.jpeg
IP 50.28.18.203:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, description=Happy Young Mixed Race Ethnic Family Walking In The Park., manufacturer=Canon, model=Canon EOS 5D Mark II, orientation=upper-left, xresolution=255, yresolution=263, resolutionunit=2, software=PicMonkey https://www.picmonkey.com, datetime=2011:11:19 11:45:50], progressive, precision 8, 604x650, components 3\012- data
Size 189 kB (188573 bytes)
Hash fcb329c17bebb9a23eaa72f18efe9837
27c6e82a8bfc4295127021a345c8150799e8d141
49fb78064694c974abeac404ff6ad69d808afe261a9370af4b651056aed92b48
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/06/Blank-604-x-6507.jpeg HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Fri, 10 Jun 2022 17:41:36 GMT
accept-ranges: bytes
content-length: 188573
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:50 GMT
content-type: image/jpeg
date: Tue, 04 Apr 2023 22:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d9209152015bce63ee2d21cc0d966532
7fb6b50059f25e76e0acd9f8ced75095ba7474fe
e3d734e1657051dfd33351e97078cf4e5210332ac63e0b104ff73e913011f024
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 22:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
142.250.74.67 200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 47728, version 1.0\012- data
Hash b1581ddd77372ceb06eb14adfd1bea07
1a3b0fc96fa73b808aa1f91f122a3c9bdcf93ee8
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
GET /s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cash2gofinancial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Apr 2023 10:37:02 GMT
expires: Wed, 03 Apr 2024 10:37:02 GMT
cache-control: public, max-age=31536000
age: 44269
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/worksans/v18/QGYqz_wNahGAdqQ43Rh_eZDrv_0.woff2
142.250.74.67 200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v18/QGYqz_wNahGAdqQ43Rh_eZDrv_0.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 45540, version 1.0\012- data
Hash 265a048e07b2c44b263558a34fb43ef0
da5d9a13e1d0e704edf24e435e608a7e67daca11
539d1318b0edaab4cfab043af9a46729116345b5b9b318a4c7cd25f5bc48e7e8
GET /s/worksans/v18/QGYqz_wNahGAdqQ43Rh_eZDrv_0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cash2gofinancial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45540
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Apr 2023 10:38:34 GMT
expires: Wed, 03 Apr 2024 10:38:34 GMT
cache-control: public, max-age=31536000
age: 44177
last-modified: Tue, 23 Aug 2022 17:55:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/overpass/v12/qFdH35WCmI96Ajtm81GlU9s.woff2
142.250.74.67 200 OK 39 kB URL HTTP/2 fonts.gstatic.com/s/overpass/v12/qFdH35WCmI96Ajtm81GlU9s.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 38720, version 1.0\012- data
Hash 5342b2bb527c1805890cfe977169338a
cb0b7569ea75637b94cae5196682f70e83e84639
e505e654ef4708d9c3d0da4c03e57ae1df262e07377938d4f456a71918c8aa3d
GET /s/overpass/v12/qFdH35WCmI96Ajtm81GlU9s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cash2gofinancial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 38720
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Apr 2023 09:29:11 GMT
expires: Wed, 03 Apr 2024 09:29:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 18:41:11 GMT
content-type: font/woff2
age: 48340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.67 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cash2gofinancial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Apr 2023 10:31:10 GMT
expires: Wed, 03 Apr 2024 10:31:10 GMT
cache-control: public, max-age=31536000
age: 44621
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d9209152015bce63ee2d21cc0d966532
7fb6b50059f25e76e0acd9f8ced75095ba7474fe
e3d734e1657051dfd33351e97078cf4e5210332ac63e0b104ff73e913011f024
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 22:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Overpass:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,300&family=Work+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
142.250.74.74 200 OK 4.3 kB URL HTTP/2 fonts.googleapis.com/css2?family=Overpass:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,300&family=Work+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP 142.250.74.74:0
Hash 15cee8581df5e0640d8f1c8e062e02c1
92c982699ce428963c57222d7b364e1c97044b7e
7e6c844cd08a6a3d2bc3723aa0a37c2d88dd3b4ce3810e89635337530b3d54a5
GET /css2?family=Overpass:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,300&family=Work+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Apr 2023 22:54:51 GMT
date: Tue, 04 Apr 2023 22:54:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/themes/theme19/print.css?ver=1.6
50.28.18.203 200 OK 1.2 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/themes/theme19/print.css?ver=1.6
IP 50.28.18.203:0
File type ASCII text, with CRLF, LF line terminators
Hash b8b819e4db22a714d1fd407fc2e45115
f29d5609a3577d1750f609aa8fffdd4b4307848d
2113e9125966e958106c22477dbcb10f288d2b4a7a1ca2af1984445741a3f0e1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/theme19/print.css?ver=1.6 HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Tue, 07 Jul 2020 06:29:17 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 03 Apr 2024 22:54:51 GMT
content-encoding: gzip
content-length: 1216
content-type: text/css; charset=utf-8
date: Tue, 04 Apr 2023 22:54:51 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/themes/theme19/images/location_bg.jpg
50.28.18.203 200 OK 14 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/themes/theme19/images/location_bg.jpg
IP 50.28.18.203:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x447, components 3
Hash 360964980837ecf8e5e8c1cedacd6b59
91a04b603226d6284365e55f0abbacdccead78a4
c224f3f73376392179c31858abb090e062caf5b77d594d51348c1e0781fa35b8
GET /wp-content/themes/theme19/images/location_bg.jpg HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/wp-content/themes/theme19/style.css?ver=1.6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Mon, 17 Jan 2022 10:55:17 GMT
accept-ranges: bytes
content-length: 14418
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:51 GMT
content-type: image/jpeg
date: Tue, 04 Apr 2023 22:54:51 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/themes/theme19/images/footer_bg.jpg
50.28.18.203 200 OK 43 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/themes/theme19/images/footer_bg.jpg
IP 50.28.18.203:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x997, components 3
Hash 0754af8a51fab487526997df18064324
b1f348139cb5d0f01b57ca2042dc6b42ba09b713
5b0a5223cfd1e6feae9cdc61efe06e84d7117c532c2b6118d8d98e19d06e990e
GET /wp-content/themes/theme19/images/footer_bg.jpg HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/wp-content/themes/theme19/style.css?ver=1.6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 11:08:56 GMT
accept-ranges: bytes
content-length: 42845
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:51 GMT
content-type: image/jpeg
date: Tue, 04 Apr 2023 22:54:51 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/themes/theme19/images/banner.jpg
50.28.18.203 200 OK 280 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/themes/theme19/images/banner.jpg
IP 50.28.18.203:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1030, components 3
Size 280 kB (279897 bytes)
Hash f5a1e94599991f5c41596cadd44cd38f
86e931772c4dfffa0dc4177aeed69d2a60633a32
55c35b439abc6d1a8d50deb5488bbb084400886b73bcad169e4620db97172f96
GET /wp-content/themes/theme19/images/banner.jpg HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/wp-content/themes/theme19/style.css?ver=1.6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Fri, 17 Jun 2022 04:05:30 GMT
accept-ranges: bytes
content-length: 279897
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:51 GMT
content-type: image/jpeg
date: Tue, 04 Apr 2023 22:54:51 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/themes/theme19/images/form_bg.png
50.28.18.203 200 OK 123 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/themes/theme19/images/form_bg.png
IP 50.28.18.203:0
File type PNG image data, 1400 x 680, 8-bit/color RGBA, non-interlaced
Size 123 kB (123129 bytes)
Hash 630157903297fe6d533e6b93aebf3244
891f148902134ff8e99d38d9d4bc2a822483ff76
674e0859583200fdd8b77de1c60982cfd56b549a9fa1c3174c00e07b80975be0
GET /wp-content/themes/theme19/images/form_bg.png HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/wp-content/themes/theme19/style.css?ver=1.6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 11:03:35 GMT
accept-ranges: bytes
content-length: 123129
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:51 GMT
content-type: image/png
date: Tue, 04 Apr 2023 22:54:51 GMT
server: Apache
X-Firefox-Spdy: h2
www.cash2gofinancial.com/wp-content/uploads/2022/01/favicon.png
50.28.18.203 200 OK 5.9 kB URL HTTP/2 www.cash2gofinancial.com/wp-content/uploads/2022/01/favicon.png
IP 50.28.18.203:0
File type PNG image data, 85 x 49, 8-bit/color RGBA, non-interlaced
Hash 4be2540ca92d6e24ee1523e48c3a9dc5
b50332f04b0e97ba305fec838bbdeb9ff448993f
765921944dd248cd8dd3fbf124df93d185717d16b37c32ceafce0c08beaaa408
GET /wp-content/uploads/2022/01/favicon.png HTTP/1.1
Host: www.cash2gofinancial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cash2gofinancial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
last-modified: Tue, 18 Jan 2022 13:21:53 GMT
accept-ranges: bytes
content-length: 5896
cache-control: max-age=10368000, public
expires: Wed, 02 Aug 2023 22:54:51 GMT
content-type: image/png
date: Tue, 04 Apr 2023 22:54:51 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc08e2f50-81bf-47f3-af70-d62f9a3c22eb.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc08e2f50-81bf-47f3-af70-d62f9a3c22eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash c3df2de3e5fc1e00fca315dfbc5b3763
134499f7657b8eb4eeaf950d8c50750487249c5e
401482b54ed71ff0270ee1301164ec5e76346d012d43ecf81ad950c624cf68e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc08e2f50-81bf-47f3-af70-d62f9a3c22eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10700
x-amzn-requestid: 7b1e9e1e-8f59-4b1e-9f85-867160c62ebc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C3yqtG2hIAMFVQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642c97dd-43705d4a085611277fa11d4b;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Tue, 04 Apr 2023 21:34:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 0iAZwGJDRnH7k_gWr9sLdbtjRZXlsqs-Y51z38SW3CL2vmRSRSLfXQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 58b8655e3ea662bad02cac6b9d4c88ba.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 21:40:40 GMT
age: 4457
etag: "134499f7657b8eb4eeaf950d8c50750487249c5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2