r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 035772439731bbe3992c865f68e4b977
53fe2d0f678772b6b3e935aaca4d1ef82767e48f
9880ae6537e30af38e8d7ed612a5a44a54037d86686c63ef7eeebcc62cbda05f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9880AE6537E30AF38E8D7ED612A5A44A54037D86686C63EF7EEEBCC62CBDA05F"
Last-Modified: Sat, 01 Apr 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11384
Expires: Tue, 04 Apr 2023 05:45:54 GMT
Date: Tue, 04 Apr 2023 02:36:10 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0c17f530e6db706fa5f9eb36a6cca4a4
446b60a425aae47b0adf5abd7e18e9f90f52c0bc
ccf1a90e945a18fb951654d29f128acdb3916d4dca315b0fad44ae8cc95be48e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCF1A90E945A18FB951654D29F128ACDB3916D4DCA315B0FAD44AE8CC95BE48E"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2324
Expires: Tue, 04 Apr 2023 03:14:54 GMT
Date: Tue, 04 Apr 2023 02:36:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 04 Apr 2023 02:28:43 GMT
content-type: application/json
age: 447
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfa7240b39fdd332060e920c46349e55
4048b95ed6f1434eebbfd50296d21e3660c96448
53b261a56af518a9a5f27a6e08209e1c137d4c24947229567ee11f6b79cee7a4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "53B261A56AF518A9A5F27A6E08209E1C137D4C24947229567EE11F6B79CEE7A4"
Last-Modified: Sun, 02 Apr 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3174
Expires: Tue, 04 Apr 2023 03:29:04 GMT
Date: Tue, 04 Apr 2023 02:36:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
IP
File type PEM certificate\012- , ASCII text
Hash 95f61d351f5fc9533cc78e255ce9bc06
fba284117f347782ac23c51d141d7e3ec15a867e
7fcc5f9e52e389d8d7c6df7f1f2a1291ae0aaae8e554f3022239ab092b2ef3c3
GET /chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: oQEoD5hNOKbebi0EUj8939xnBckWJj4c6iu/9Ak9oSZYzqrD20dDMIbFVnBVwf5eW24ITR8YTsQ=
x-amz-request-id: SBX3QYAH3MACJMJZ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Apr 2023 01:52:58 GMT
age: 2593
last-modified: Fri, 31 Mar 2023 17:04:39 GMT
etag: "95f61d351f5fc9533cc78e255ce9bc06"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:36:11 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Backoff, Last-Modified, Alert, Content-Length, Pragma, Cache-Control, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 04 Apr 2023 02:14:44 GMT
age: 1287
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2820ca2dae3aed6a76736f236502749b
d2e4995fdd0fbb64d9051f50be93023a752ef449
0ac73659b8f464575a3596da96a94fc6dbc26a4d5a90bec1331a5df5ad796006
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0AC73659B8F464575A3596DA96A94FC6DBC26A4D5A90BEC1331A5DF5AD796006"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13148
Expires: Tue, 04 Apr 2023 06:15:19 GMT
Date: Tue, 04 Apr 2023 02:36:11 GMT
Connection: keep-alive
www.cashgainhacks.com/emailpost/reviewpromptrelease/
200 OK 28 kB URL HTTP/1.1 www.cashgainhacks.com/emailpost/reviewpromptrelease/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (527), with CRLF line terminators
Hash 0de23de4d1f20a7e01826fb23a1cacb5
648cae83e341129cb846907312f61b9310a0af11
c60c288c5f772880f9e695acf92793b0b7be596d1e4ae6454c4dd11e14a1a910
Analyzer Verdict Alert openphish Outlook
fortinet Phishing
GET /emailpost/reviewpromptrelease/ HTTP/1.1
Host: www.cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:09 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 28461
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
code.jquery.com/jquery-3.3.1.min.js
200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.min.js
IP
File type ASCII text, with very long lines (65451)
Hash d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cashgainhacks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Apr 2023 02:36:11 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1680575771.dop222.sk1.t,1680575771.cds210.sk1.hn,1680575771.cds240.sk1.c
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CIg/UZul8GsMj7GfQ/8QEQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: A/qV+RfWmzWp2UqQjZN9ALFcjtM=
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/backgrounds/0-small.jpg?x=138bcee624fa04ef9b75e86211a9fe0d
200 OK 3.0 kB URL HTTP/1.1 secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/backgrounds/0-small.jpg?x=138bcee624fa04ef9b75e86211a9fe0d
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x28, components 3\012- data
Hash 138bcee624fa04ef9b75e86211a9fe0d
23bbcdaaebd6c9a6e57e96e44493b2212860fcab
f89e908280791803bbf1f33b596ff4a2179b355a8e15ad02ebaa2b1da11127ea
GET /ests/2.1.8148.16/content/images/backgrounds/0-small.jpg?x=138bcee624fa04ef9b75e86211a9fe0d HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cashgainhacks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 3006
Content-Type: image/jpeg
Content-MD5: E4vO5iT6BO+bdehiEan+DQ==
Last-Modified: Sat, 18 May 2019 23:34:28 GMT
Cache-Control: public, max-age=587640
Date: Tue, 04 Apr 2023 02:36:11 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd
200 OK 1.4 kB URL HTTP/1.1 secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Hash 9f368bc4580fed907775f31c6b26d6cf
e393a40b3e337f43057eee3de189f197ab056451
7ecbba946c099539c3d9c03f4b6804958900e5b90d48336eea7e5a2ed050fa36
GET /ests/2.1.8148.16/content/images/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cashgainhacks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 1435
Content-Type: image/svg+xml
Content-Encoding: gzip
Content-MD5: nzaLxFgP7ZB3dfMcaybWzw==
Last-Modified: Sat, 18 May 2019 23:35:05 GMT
Cache-Control: public, max-age=89796
Date: Tue, 04 Apr 2023 02:36:11 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ellipsis_white.svg?x=5ac590ee72bfe06a7cecfd75b588ad73
200 OK 263 B URL HTTP/1.1 secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ellipsis_white.svg?x=5ac590ee72bfe06a7cecfd75b588ad73
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (915), with no line terminators
Hash 1ccc2c1e135776dadf8ab40393372a30
896401dab83bfc11a8b762bcb31d380831f97c9f
ab27d5557bbbd037b4af2acce3f53c868efa932558bd7dd8e3f0347b10325043
GET /ests/2.1.8148.16/content/images/ellipsis_white.svg?x=5ac590ee72bfe06a7cecfd75b588ad73 HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cashgainhacks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 263
Content-Type: image/svg+xml
Content-Encoding: gzip
Content-MD5: HMwsHhNXdtrfirQDkzcqMA==
Last-Modified: Sat, 18 May 2019 23:34:22 GMT
Cache-Control: public, max-age=227576
Date: Tue, 04 Apr 2023 02:36:11 GMT
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/backgrounds/0.jpg?x=a5dbd4393ff6a725c7e62b61df7e72f0
200 OK 283 kB URL HTTP/1.1 secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/backgrounds/0.jpg?x=a5dbd4393ff6a725c7e62b61df7e72f0
IP
File type JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size 283 kB (283351 bytes)
Hash a5dbd4393ff6a725c7e62b61df7e72f0
55b292f885ffc92abce18750b07aa4acfa4e903e
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
GET /ests/2.1.8148.16/content/images/backgrounds/0.jpg?x=a5dbd4393ff6a725c7e62b61df7e72f0 HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cashgainhacks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 283351
Content-Type: image/jpeg
Content-MD5: pdvUOT/2pyXH5ith335y8A==
Last-Modified: Sat, 18 May 2019 23:35:05 GMT
Cache-Control: public, max-age=587640
Date: Tue, 04 Apr 2023 02:36:11 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
200 OK 17 kB URL HTTP/1.1 secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /ests/2.1.8148.16/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: secure.aadcdn.microsoftonline-p.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cashgainhacks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 17174
Content-Type: image/x-icon
Content-MD5: EuPayFgGHQiAI7K9SOL6lg==
Last-Modified: Sat, 18 May 2019 23:34:18 GMT
Cache-Control: public, max-age=441697
Date: Tue, 04 Apr 2023 02:36:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *
www.cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
301 Moved Permanently 0 B URL HTTP/1.1 www.cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html HTTP/1.1
Host: www.cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cashgainhacks.com/emailpost/reviewpromptrelease/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Apr 2023 02:36:10 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: pmpro_visit=1; path=/; HttpOnly
Location: https://www.cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
301 Moved Permanently 0 B URL HTTP/1.1 www.cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg HTTP/1.1
Host: www.cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cashgainhacks.com/emailpost/reviewpromptrelease/
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Apr 2023 02:36:10 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: pmpro_visit=1; path=/; HttpOnly
Location: https://www.cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f06399875b2b1c6a0afe8a1d791f5a4a
f2ce36c5d6599e57e4df8f08a030e8cb00ebe830
2eef24cc1ae135e7e1687c3e56cd7be21530e2aa7612e686a829d2c204ab532e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EEF24CC1AE135E7E1687C3E56CD7BE21530E2AA7612E686A829D2C204AB532E"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3615
Expires: Tue, 04 Apr 2023 03:36:28 GMT
Date: Tue, 04 Apr 2023 02:36:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f06399875b2b1c6a0afe8a1d791f5a4a
f2ce36c5d6599e57e4df8f08a030e8cb00ebe830
2eef24cc1ae135e7e1687c3e56cd7be21530e2aa7612e686a829d2c204ab532e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EEF24CC1AE135E7E1687C3E56CD7BE21530E2AA7612E686A829D2C204AB532E"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3615
Expires: Tue, 04 Apr 2023 03:36:28 GMT
Date: Tue, 04 Apr 2023 02:36:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f06399875b2b1c6a0afe8a1d791f5a4a
f2ce36c5d6599e57e4df8f08a030e8cb00ebe830
2eef24cc1ae135e7e1687c3e56cd7be21530e2aa7612e686a829d2c204ab532e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EEF24CC1AE135E7E1687C3E56CD7BE21530E2AA7612E686A829D2C204AB532E"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3615
Expires: Tue, 04 Apr 2023 03:36:28 GMT
Date: Tue, 04 Apr 2023 02:36:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5f70c40-8b38-48db-b482-a5cc8f1580ef.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5f70c40-8b38-48db-b482-a5cc8f1580ef.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d1360ec3cb182322e0a0c445f57e5b7
9f71e3cd002ca8116d917c3b7fb57291099269d1
e3d216e879d771bf2507928ba1b26465c87a4202a4cdc03483f002c2826a81b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5f70c40-8b38-48db-b482-a5cc8f1580ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6912
x-amzn-requestid: 53fcdc8a-e064-4e81-b5ac-5d0ae4bcfdb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0fpuEZ-IAMFxaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b463d-3b7b43f30dd66fae5dc9ea6a;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:49 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: I29hcOKFN0L3ivDpD5pWg-Kg22Z10td_Vll6SRScTslvd__JZnJyTg==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:52:12 GMT
age: 17041
etag: "9f71e3cd002ca8116d917c3b7fb57291099269d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 790b71fc2b1faa08db8b4334c9c3f9e3
e1defe547d4ffca2560cd8f25c4f7a92a9ae87b4
eed429169c9d3feb115463d8ead934fa348cdca60aabf0c88d4553ed23575c9c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106409ef-b973-4018-aee9-294835a882a8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10535
x-amzn-requestid: 8efe600f-9818-4c23-afd3-41c5a4dece2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0frbFHSoAMF8HQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4648-65e8e6fd575fdc91668d6676;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:34:00 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: NhzzKWFDbSlLrixhTlz5sZSW4x_TPkwj7Kzt6M2m1FmXR7ZdBCCq0w==
via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 22:01:36 GMT
age: 16477
etag: "e1defe547d4ffca2560cd8f25c4f7a92a9ae87b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b3221e-f465-4b09-8edb-d71d2b28f571.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b3221e-f465-4b09-8edb-d71d2b28f571.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 904fe1f41565ef3b94317ec52a7203e1
b7911bd82a447c46eb419919a52ea46fa243ee0f
19e32a25d63d4696b05d167d44b640582352985928518bc2ce11973a20e9b2da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b3221e-f465-4b09-8edb-d71d2b28f571.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11387
x-amzn-requestid: 3e5b802d-c2f3-4b72-8dea-5f6452cd57d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0frcED1oAMFZiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4648-2429f95743f7924f14ec8565;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:34:00 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: tdr_kJ1GbV0H6rARDLO1yy5EoMkWnaZUflx3tibj7mptRhUJu1Hw2g==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:52:12 GMT
age: 17041
etag: "b7911bd82a447c46eb419919a52ea46fa243ee0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16318447-1c81-4525-becf-32a77c9030e1.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16318447-1c81-4525-becf-32a77c9030e1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c226ea23c670c61a42a6d94959e10dc
e4a946d93a63ad9fcf751fbb8e55ab18466197e2
b95c03169121047006cdab960d5564c683c6ef8755ba9ca143e0c87bcca9ed92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16318447-1c81-4525-becf-32a77c9030e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4265
x-amzn-requestid: c4bfc599-63fb-4953-b39b-45c059c99070
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CopBKHO1IAMF10A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6426886d-7adcee9a3a8156542d555ccf;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 07:14:53 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nIzZ59KreRBEwpeZdkq3VT4V04hlaB-4r7x7bGDLGgUVs5PBuYuflQ==
via: 1.1 22ea0ab0881473261b786ecbb5e00f54.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 08:33:26 GMT
age: 64967
etag: "e4a946d93a63ad9fcf751fbb8e55ab18466197e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86274a5c-15b7-49b6-a8ee-01546eb3817c.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86274a5c-15b7-49b6-a8ee-01546eb3817c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968835dc12a7fcd43dd43ce155b857f4
a5d938ee5166c39a3cd73a2a85469f06338341e6
369095e1c0c06d202d9b4a199017193aa08d114eebe18dbe4192d28046f0b3ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86274a5c-15b7-49b6-a8ee-01546eb3817c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7652
x-amzn-requestid: d3a5499f-5194-4521-96d0-580f8582fb1e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0fpsHO_oAMFjEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b463d-7ad0993b235ba1933683c3ae;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:49 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: zsw_k7p9lQ0dI6SoWv5oKshdfUlNOi87fNS99mF1dXNv9EnQpt2CWg==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:53:44 GMT
age: 16949
etag: "a5d938ee5166c39a3cd73a2a85469f06338341e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81b22292-2571-4b3d-aeae-f84b72b36391.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81b22292-2571-4b3d-aeae-f84b72b36391.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0e87dbffda284dbb0008567a8d4dee30
8edeb9deea0d64ca580af16c44b99d37e918fd58
023247190546b5da51b52c452cf0ce7fe2c4a5b640d5ed682b27e80ee1b3f850
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81b22292-2571-4b3d-aeae-f84b72b36391.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6134
x-amzn-requestid: d72d8ddc-ed19-402a-b1e7-3392eacd9230
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0fpsGPIoAMFppA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b463d-4099b9bc35b52bd3297c0bbb;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:49 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: sGdeT2q8lkX5OCuHS456z_5v7gQ-TUwyLnp3e9bE7TmOjG6SsJjLxg==
via: 1.1 5502255f9557c1e2c098b94110b6151c.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:52:05 GMT
age: 17048
etag: "8edeb9deea0d64ca580af16c44b99d37e918fd58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
301 Moved Permanently 0 B URL HTTP/1.1 www.cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg HTTP/1.1
Host: www.cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cashgainhacks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Apr 2023 02:36:12 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: pmpro_visit=1; path=/; secure; HttpOnly
Location: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
301 Moved Permanently 0 B URL HTTP/1.1 www.cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html HTTP/1.1
Host: www.cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cashgainhacks.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Apr 2023 02:36:12 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: pmpro_visit=1; path=/; secure; HttpOnly
Location: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
404 Not Found 22 kB URL HTTP/1.1 cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (43975), with CRLF, LF line terminators
Hash df855a79f6c15e812816ba3ab2e71276
a3e097b273c829eeaca74be3a9a8ee8be7dc3f12
647be0bd64aa970f765c8c8c1da2d37c3b8c8886efbd741be6ec11da55f4aaa4
Analyzer Verdict Alert fortinet Phishing
GET /emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cashgainhacks.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Tue, 04 Apr 2023 02:36:13 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://cashgainhacks.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: pmpro_visit=1; path=/; secure; HttpOnly
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 21834
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cashgainhacks.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.4
200 OK 8.0 kB URL HTTP/1.1 cashgainhacks.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.4
IP
File type ASCII text, with very long lines (38452)
Hash 9a7d874836bbf33583506399f4716657
b63c47798f1da8e194df165c06d645b5d40acd7d
ba3d5a3d42ecb2692c10de1f2c68e752e84012b1129587416947f95d66c564b7
GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.4 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Thu, 29 Dec 2022 06:42:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8030
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.6.6
200 OK 2.0 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.6.6
IP
File type ASCII text, with very long lines (10435), with no line terminators
Hash 204fee8a1ebc4a162d2d12eda0db700d
c572ae45e9bead0a24000b451a4067523a82d04d
1d57f7ae216ada40cb346105f2b1d3097f6788c952d70e33342019edf701747e
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.6.6 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1966
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/plugins/paid-memberships-pro/css/frontend.css?ver=2.10.3
200 OK 3.9 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/paid-memberships-pro/css/frontend.css?ver=2.10.3
IP
File type ASCII text, with CRLF line terminators
Hash abfcad707fd081dd832e5d94bd6e9a9f
032ce57e7dffb971e4f23e8354fb6c4819a591c5
adbe81e0b71d3a841eb53297c1922c35dc436a084339d51beb884b69b0bc72c8
GET /wp-content/plugins/paid-memberships-pro/css/frontend.css?ver=2.10.3 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Fri, 17 Mar 2023 00:56:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3880
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min.css?ver=3.9.4
200 OK 16 kB URL HTTP/1.1 cashgainhacks.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min.css?ver=3.9.4
IP
File type Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Hash 0ded19625f5bb91c12f2189ae1c6d3e3
a995162a06cd8e8b6ef53a78f8c923ed58e4925c
b5cc0624118335f7aeb65fc887db1f586f9cd43da692cc0e56e77a3263d551fb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-grid.min.css?ver=3.9.4 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Thu, 29 Dec 2022 06:42:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 16155
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min.css?ver=3.9.4
200 OK 1.9 kB URL HTTP/1.1 cashgainhacks.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min.css?ver=3.9.4
IP
File type ASCII text, with very long lines (16351), with no line terminators
Hash eb994949c6c3797f34bb2165e6057ac7
4131ce9f39a662122d53818549eb79cfce5ae749
9dd9ef807f0d514190753433bb37fcdbeaaa5aff4e528ebc4958c0fcda7704c9
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout-grid.min.css?ver=3.9.4 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Thu, 29 Dec 2022 06:42:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1948
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen-grid.min.css?ver=3.9.4
200 OK 891 B URL HTTP/1.1 cashgainhacks.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen-grid.min.css?ver=3.9.4
IP
File type ASCII text, with very long lines (6005), with no line terminators
Hash 6706f92a99667d0805cddb1a34e8c4d5
39365474eb1cea5306db55d3d9e249d34697fc5b
129d1e9d35c55a5b7c11fd04285148ad06a2d2207aa54165f7f331001812ae58
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen-grid.min.css?ver=3.9.4 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Thu, 29 Dec 2022 06:42:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 891
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2
200 OK 13 kB URL HTTP/1.1 cashgainhacks.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2
IP
File type ASCII text, with very long lines (48325)
Hash 9a2b024f6b051bf0c4093c3e52ec9546
47bf1cfe0f0ece10731cf807b51fba0097df17af
c1079d9f6a408084997c0d4d2aa53eaa46103c04caeac1ded17620ed600922ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.2 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 21:01:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12736
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 30735a8260b9c875d42add2d33a9a6c0
ea1076f012420c6d3ae054f07a6948352c96a598
995b7ad71da6aa8933947de9bd441a5c4a366e143864ad4fc5a9af3c6f193aca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 02:36:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cashgainhacks.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.18.0
200 OK 4.0 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.18.0
IP
File type ASCII text, with very long lines (19317)
Hash 0d747fb6f28837347b5ceff550ca512b
2ee04726281cea6ba1b911a26edde515966ce376
790c41e64ebca51aa69a719b3fbf3e7e5280251a240f335e5fe03bde010705d7
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.18.0 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3977
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.6.6
200 OK 27 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.6.6
IP
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash f72f93803d6b74360fa5e7e0eb96ac05
ab52e3f85252ba48c415e0720f66561146677328
a78475b99f76b2dbe38410639f5cc69f2a12828a34dc71a4e57c286b90e50f86
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.6.6 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 26964
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
200 OK 2.4 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
IP
File type ASCII text, with very long lines (12876), with no line terminators
Hash 910d8f18f2e7b1120e9131e86b6752f7
ecc02688fbf3379a593740c555f3b37c074eea1f
42f6ad9cf937986de0e52c30f26c4fa6a22bab1b7e7696ecc4ee410c556ac003
GET /wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2409
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/uploads/elementor/css/post-6.css?ver=1680284409
200 OK 389 B URL HTTP/1.1 cashgainhacks.com/wp-content/uploads/elementor/css/post-6.css?ver=1680284409
IP
File type ASCII text, with very long lines (1160), with no line terminators
Hash b7a4f1b5a0323994a1831e4a567444a0
0ca23f540b666978c5cdec3daf73a8e3cf02e18f
cb5caf871d293bf29c98aff9b46d331e51b37b29ebbdd9de7c5f0f3afdd20750
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-6.css?ver=1680284409 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 389
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.12.0
200 OK 11 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.12.0
IP
File type ASCII text, with very long lines (65496)
Hash fa9cf7a7cfb46d32e286a6b4bcfd0a8d
c3a5e54429219c768972a91dc52bdefdeda31d9f
19dfb3eeb690b051d1dfc723a3e0ffaa431a173290251294ac894be15feae2bc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.12.0 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10778
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 30735a8260b9c875d42add2d33a9a6c0
ea1076f012420c6d3ae054f07a6948352c96a598
995b7ad71da6aa8933947de9bd441a5c4a366e143864ad4fc5a9af3c6f193aca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Apr 2023 02:36:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cashgainhacks.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.8.2
200 OK 1.7 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.8.2
IP
File type ASCII text, with very long lines (11971)
Hash 86e329491402f8adac6b772ffa4e1172
a5ffe78cda7d6af99542963bb5ccafcb6617c330
2d233a4e8c386f183c72e177f51c4fb0da0b1b691e2243cacb6acf74982d5079
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.8.2 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Thu, 29 Dec 2022 23:12:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1709
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/uploads/elementor/css/global.css?ver=1680284410
200 OK 4.8 kB URL HTTP/1.1 cashgainhacks.com/wp-content/uploads/elementor/css/global.css?ver=1680284410
IP
File type ASCII text, with very long lines (32303)
Hash 289c8849ecd8bc85095698243fe01cdc
0e4a270cb277415e3a8a15d9c05e2de3122c7487
4e083810102865ce866f2efba3067c3efec07d4c49cb2051eddffdc9fce338e9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/global.css?ver=1680284410 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4818
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/uploads/elementor/css/post-185.css?ver=1680284410
200 OK 870 B URL HTTP/1.1 cashgainhacks.com/wp-content/uploads/elementor/css/post-185.css?ver=1680284410
IP
File type ASCII text, with very long lines (1808)
Hash 06fb1d8dedb19d028ad7db8b7658ecc3
6b0334679b08fc0894520606c92e0b89d94bd189
7dbcf7bf2244d16aed57fe6786293ab06a324fd7cc6058082f858916f051a4c8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-185.css?ver=1680284410 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 870
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.6.4
200 OK 842 B URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.6.4
IP
File type ASCII text, with very long lines (3508)
Hash 73a98ce478c4e78da80007fab39aa008
e2b080bb95494eaf6b97f99be08c5afd78a069aa
8ca6ebcc7bebe27208d74a9867d61e2f8db556993d1b65c85ca6f6204ce31237
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.6.4 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 842
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
200 OK 309 B URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 309
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
200 OK 13 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
File type ASCII text, with very long lines (57726)
Hash 991d00cd7cb62d50a29295522d554f1f
e128a5238f141e9c4da1979716108d858340fe03
b8fcb61816168fc6a7ee01bb09fa4378398838dc6e4f49dc411872876355d113
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12582
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/plugins/visitors-traffic-real-time-statistics/js/front.js?ver=6.2
200 OK 414 B URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/visitors-traffic-real-time-statistics/js/front.js?ver=6.2
IP
Hash 819e3ca39547f1c61733f24d79750d38
b581de0fbd70e2fe6fb23f97ff7b208fa7d275f5
eb1d02a86a95c165bf8a2cae5bcde6da6ed19b1cdf5d832c73fd1950931ce40c
GET /wp-content/plugins/visitors-traffic-real-time-statistics/js/front.js?ver=6.2 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Wed, 04 Jan 2023 18:41:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 414
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
200 OK 4.8 kB URL HTTP/1.1 cashgainhacks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
IP
File type ASCII text, with very long lines (13326)
Hash 0849b4504f3723cce44b1e3b969002f0
f79a867f709041487baf777ac4e2f9db752bedaf
19847c5a2db57a0c3770c2011b793e5a7789f551ea9b659c19ee33c2d83f0337
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 21:01:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4795
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
200 OK 3.6 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
IP
File type Unicode text, UTF-8 text, with very long lines (29459)
Hash 2e7c50e4021c3a60ee5c7da920703d3f
c1dedc275ad389cad31e48781c8ffa6fd366c113
2a30e21ab04f369d949232b4b4188b347f7fdb5f9d70836b39d2cf68eb20f436
GET /wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Thu, 29 Dec 2022 23:12:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3559
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=7.5.1
200 OK 997 B URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=7.5.1
IP
File type ASCII text, with very long lines (3287), with no line terminators
Hash 92042708a57c98fb89edd0ecd0140269
327ceec159abd4eb6d13f694e28bec0c38d273e9
eecaf6cabf370bdfe6f9cf818f194887e605d9962b78b863ace803508ec73b8f
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=7.5.1 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 997
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=7.5.1
200 OK 1.9 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=7.5.1
IP
File type ASCII text, with very long lines (7887), with no line terminators
Hash 65e188a3b607e73350bb4125b78af498
9b368307b5278be7f9d75aca5abf1450d1f4d5ac
366ac05c8ed43837aff8ef7586b434334091561b5f350a3d406e39780387b631
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=7.5.1 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1915
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.4
200 OK 4.1 kB URL HTTP/1.1 cashgainhacks.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.4
IP
File type ASCII text, with very long lines (16935), with no line terminators
Hash 757a17fde44c92828cafe307b596ceb9
02059cf326b80b0e75e8854362978b11b0967afa
0ed1f9942a2eed5143794f12eb7c4fffcbbda3019bf486949bd487099ece14c0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.4 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Thu, 29 Dec 2022 06:42:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4075
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
200 OK 31 kB URL HTTP/1.1 cashgainhacks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
IP
File type ASCII text, with very long lines (65447)
Hash 8e4c7c63a7bd9d169bd6ff591b3b8066
68bf52f27f14423e2364aeab255d76bc3d469470
7b480d44d4a9cce9f3f403809ad00a041abf3be16a4ceb44d33be002d69e80a1
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.3 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:14 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 21:01:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 31049
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.5.1
200 OK 3.5 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.5.1
IP
File type ASCII text, with very long lines (9111)
Hash f6004c12128ba678a6ab8fafb9cb1d61
a023d537a3273176524815baca3f2c42cc601a3c
e516f66f227db9eb26f5bec7605f4647680979c10c9bb61ac1654ccbf7e348af
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.5.1 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3496
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.5.1
200 OK 1.3 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.5.1
IP
File type HTML document, ASCII text, with very long lines (3348), with no line terminators
Hash 89dfacb8300f8b525f34fa74159418d5
95553d2775cb8ad59fc807ff196ca1b28dff8f6d
a720dbdd441b9a3f7783f6b6bad7a290c459dcb947ff1b469248c145a1c7eddf
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.5.1 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1273
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.5.1
200 OK 982 B URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.5.1
IP
File type ASCII text, with very long lines (1668)
Hash e66463f2023b738680c9bdefece69a37
315dc8e6ebdfb18c662851244ee33e2758ad3c83
fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.5.1 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 982
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.5.1
200 OK 794 B URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.5.1
IP
File type ASCII text, with very long lines (2139), with no line terminators
Hash 29307e8dec33cf3411ca4e1f2c84e9d0
484402289464d7ffb1475827f3438329d520bfc6
a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.5.1 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 794
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.5.1
200 OK 1.2 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.5.1
IP
File type ASCII text, with very long lines (3286), with no line terminators
Hash ea59a4b4b4a46b63cfc512cb332ed974
d826f695b77059a9df1c6bbb206e18097097465e
81e40f44a550c76b6ae61cf982936358761c24e1fdc74a8d341fb9b4067887f1
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.5.1 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1242
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.6.4
200 OK 3.2 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.6.4
IP
File type ASCII text, with very long lines (9055), with no line terminators
Hash feecbc560997d424a6f553a60455c8ad
e0ecc85ff84020ed0640e28b400ffc4c82da985e
08d9f77996e8ce4d381210c008de39cd6de426051fa3b195869afc455f62eb86
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.6.4 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3218
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
200 OK 7.2 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP
File type ASCII text, with very long lines (25115)
Hash de752486ae6f3549ee513c4f7bd89b1c
7e415888c930d6952efce6ae601c37427ac2345e
d74a2945742950cd22705aa87f266a7eccc3a7949861da7e04cab475765206d1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Thu, 29 Dec 2022 23:12:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7157
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.12.0
200 OK 2.2 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.12.0
IP
File type ASCII text, with very long lines (4918)
Hash b84574e6db1a34c51c3312d2f1cb45fc
b691dcfb9f2bbf40be46f967c809c7c2c8149119
d0bc63623c6a5c6cf099fd7425818347a9747334289c595f1be809d9c57fcc83
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.12.0 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2197
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.2
200 OK 2.4 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.2
IP
File type ASCII text, with very long lines (5191)
Hash 24fb2d53fc158239f696d1ed4f762407
b18427a71daae6c09848e3818493babe6fd972e4
7d70218d102305199ebc15e16c334c8cbcbfb50c8817def6672593d981be8dbc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.2 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Thu, 29 Dec 2022 23:12:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2384
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.12.0
200 OK 13 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.12.0
IP
File type Unicode text, UTF-8 text, with very long lines (42247)
Hash 201a82a406883e29da72baefc0212c5d
7521618cacc5f3b48faba66b532720cdf751134b
ec63f6620d7403a7f0280cc8cbe2d3887cec5e449e2ee930b656c50ae520f6ca
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.12.0 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12997
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
200 OK 2.5 kB URL HTTP/1.1 cashgainhacks.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
IP
File type ASCII text, with very long lines (8171), with no line terminators
Hash 11efd674d2619d6d71f40ca6a8ccea41
efdee98897ae3319e92d4b29c9b74d30f19431b4
7e0c870c28961afbfa45fe50d5fbdded9d62d0cb19f7fa2634838550e225d6b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 21:01:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2484
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
200 OK 2.5 kB URL HTTP/1.1 cashgainhacks.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
IP
File type ASCII text, with very long lines (6607), with no line terminators
Hash b235c9dcb14fd5ee73e19cb10e3fcae0
957e7c30cf44f052be89f5194ec436952a838494
a01cd0fecb8c2684681443c8d62ce6711b544c83d0a4c2bee7ca71cc5f323a05
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 21:01:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2499
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
200 OK 6.5 kB URL HTTP/1.1 cashgainhacks.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 287748e15cc4a588d0df39da369d9035
b02e10a775f9d6ab54d448acffbc9253e2d9bfb9
742f6e950eecbeaf0c308f5d3877e48d6d57d48b7f8bd458d81875feb4b58654
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 15:43:29 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6532
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
200 OK 1.7 kB URL HTTP/1.1 cashgainhacks.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP
File type ASCII text, with very long lines (4875)
Hash 320b86bb1a9ce650a5e3553b2bb1c430
c56e8668b398641ed5cdcfbd8a8eba7d631cdb9c
c9ebbb8d122c6be3880d18172abfe308bb07db900689484fa765a73b8b20b3ec
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 12:04:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1661
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
200 OK 3.9 kB URL HTTP/1.1 cashgainhacks.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP
Hash eb22973e4f9791a1b52550f254a1022e
cfa38e2369070741641968207c1dbb8ccd0c9221
0dbbf082b664afe4556aee3cc7c3e173b1cb9ac665e127ddb0b8db2a60237d01
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 23 Sep 2022 19:55:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3866
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.2
200 OK 5.7 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.2
IP
File type ASCII text, with very long lines (21520)
Hash 0d55c05766ce3640b25675105252e77c
248dca3673c885c4e18a3d9c270f8622e42b0027
659ed0407e67edb7f6ed2e996bfa5e9570fc6feb87f2391520eb52ab62469d6c
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.2 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Thu, 29 Dec 2022 23:12:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5743
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
200 OK 3.0 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
File type ASCII text, with very long lines (12198), with no line terminators
Hash cfea3c51880820f2962a7773fbc864f9
45aa7ddc9b0c4201097d0df36791ab346470b734
12296ac9ef200103f8eea198a2bcd92692119dacece39538499758a0349035fb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2993
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
200 OK 7.1 kB URL HTTP/1.1 cashgainhacks.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 8381c65236716d6bc7a7bab0cf8d6bcf
00b796fc06a1c616ffc1c0b7cd9704517186d18a
5da7635aab5ebc6e95a032a5183df55a66d150cb796f24a3d7041cc70714f3a1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 21:01:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7099
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.12.0
200 OK 12 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.12.0
IP
File type ASCII text, with very long lines (40551)
Hash 5284948aa5c8b82967cb5e551c8f8ca2
390c51012a22254014bc0ecad6241644ee4a99e0
89b67fe923663775a8c8945ee996831a89b5f6c5a7b6d9d6fa3e087606dc98f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.12.0 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12205
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.7.5.1
200 OK 1.2 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.7.5.1
IP
File type ASCII text, with very long lines (2600)
Hash 74e734f7cda4a5ee3f0bcb13f009378e
81f4b75e474ec89c7dce60aad524f4da26f63959
39b57a8f4f476f8efa3b87ee4e45915a36232a7f85f1be7d21e8904c4b3638e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.7.5.1 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1179
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.2
200 OK 5.7 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.2
IP
File type ASCII text, with very long lines (24753)
Hash 50839db78480f6b93e0a1393ec0a00f4
124c49d348f6f495c0286307de0bdc7443123946
545f3706117f7388d834ef1ae6de973237528a193e9440325ebf1a96a820492c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.8.2 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Thu, 29 Dec 2022 23:12:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5690
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.7.5.1
200 OK 5.8 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.7.5.1
IP
File type ASCII text, with very long lines (19979), with no line terminators
Hash 03cdc40161fac02c407e81914e585895
488feae982741bc6db5f472e0180be65438fcae7
a59b9302c9f09a661e6b0ba11f0e1d96d5e2fe0f49c794565f50b547cb72875e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.7.5.1 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5758
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.7.5.1
200 OK 12 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.7.5.1
IP
File type ASCII text, with very long lines (30826)
Hash 3b5160d945022182deda180b0ffa97e8
f17dfb317a765fef47795d91e0e3fe1b4043a2b7
9f012f56db32d4c1f27265f95cf767de13a561b3a57d683b2180be6719ef2037
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.7.5.1 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 11945
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.7.5.1
200 OK 3.6 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.7.5.1
IP
File type HTML document, ASCII text, with very long lines (9541)
Hash d8a114af81ea854c1c85ebbc98357ab3
8b56bfe66a2439d94b8e668f10f6934ec0bb8e48
d9b8d0a90a316d385f311e4654663aeffeaee561891b5025899e1f676e9e05c3
GET /wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.7.5.1 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3635
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-includes/js/underscore.min.js?ver=1.13.4
200 OK 7.3 kB URL HTTP/1.1 cashgainhacks.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP
File type ASCII text, with very long lines (18798)
Hash 3f92fc0fb188799b432341421df6cfde
09041f63af89e1164a53dec66eb7b2ac1dc58ba6
6b09e750d7ecaac14315f7c7e09b6de17f8d1f790b4acdc094b74832402aee31
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 15:18:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7311
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-includes/js/wp-util.min.js?ver=6.2
200 OK 756 B URL HTTP/1.1 cashgainhacks.com/wp-includes/js/wp-util.min.js?ver=6.2
IP
File type ASCII text, with very long lines (1391)
Hash 838aa5f64f258023c2f4ced3125cc12e
0f9ba4eee7038506d01a6e741b16324ffb347fda
8212000a2ae7888dec134e6a079a16c19d71f6bcd0924384abb16027325ed218
GET /wp-includes/js/wp-util.min.js?ver=6.2 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 03:52:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 756
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.5.1
200 OK 3.8 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.5.1
IP
File type ASCII text, with very long lines (14202), with no line terminators
Hash c6529887a7a8ce5da61c4ba47ec4b908
d52569f0060298de24fa836740d40dbb9ca11ef2
d7ac69c197ad78da8803ce35bae7203e37d64373ee97924d1593ea1f62440613
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.5.1 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3840
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=7.5.1
200 OK 1.9 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=7.5.1
IP
File type Unicode text, UTF-8 text, with very long lines (6238), with no line terminators
Hash c5a53164277eae36fb1b58e99c1b1f43
04c88f580bf76aa97d973675c10a338926492d5a
89b5ada30fc7ad92703a3a70bb02a863ad42052cfd6bf86fe81c7d8aa34ca4cc
GET /wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=7.5.1 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 31 Mar 2023 17:40:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1874
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/wp-content/plugins/paid-memberships-pro/css/print.css?ver=2.10.3
200 OK 97 B URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/paid-memberships-pro/css/print.css?ver=2.10.3
IP
Hash 36cc10c1c7ce63513f350620dd0e1ca3
5013c1dfb8e863be84303e5e2d357151986f92bf
49e04e36dfc48145b8b9c2009b38e5e4a0cb55da7edd7fb636ae2a2daeb135fa
GET /wp-content/plugins/paid-memberships-pro/css/print.css?ver=2.10.3 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Fri, 17 Mar 2023 00:56:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 97
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css
cashgainhacks.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
200 OK 1.3 kB URL HTTP/1.1 cashgainhacks.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
IP
File type ASCII text, with very long lines (3262)
Hash 479af802be00aa9410d8b99727a42a09
8da27ccb1996b08dd861edfdbf284d9f2ff7a576
262d460de8b513dca6ce76bf0223776dc346b1964929b18cd128dd4dafac9815
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Last-Modified: Thu, 29 Dec 2022 23:12:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1281
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
cashgainhacks.com/?wc-ajax=get_refreshed_fragments&elementor_page_id=0
200 OK 366 B URL HTTP/1.1 cashgainhacks.com/?wc-ajax=get_refreshed_fragments&elementor_page_id=0
IP
File type JSON data\012- HTML document, ASCII text, with very long lines (909), with no line terminators
Hash 2048ae46bbee3cbdf959027db4114117
e94fb8126ece2634ecbb4405364fbf6fd5578daf
326c8843b2dc842e34e059dbd0007f8c25af5436051bfa0b12ecf06a0dbb85a8
POST /?wc-ajax=get_refreshed_fragments&elementor_page_id=0 HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://cashgainhacks.com
Content-Length: 18
Connection: keep-alive
Cookie: pmpro_visit=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Access-Control-Allow-Origin: https://cashgainhacks.com
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 366
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
cashgainhacks.com/wp-admin/admin-ajax.php
200 OK 0 B URL HTTP/1.1 cashgainhacks.com/wp-admin/admin-ajax.php
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 350
Origin: https://cashgainhacks.com
Connection: keep-alive
Referer: https://cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/prefetch(1).html
Cookie: pmpro_visit=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:36:15 GMT
Server: Apache
Access-Control-Allow-Origin: https://cashgainhacks.com
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeae50b2-4a88-4f71-ae4f-7fd74b695fe8.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeae50b2-4a88-4f71-ae4f-7fd74b695fe8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 80fcfbf9081b3ede0bbbb18635a9cbf4
037891066a15726bb272a8d74f96abb1520b4fe3
5cf70d8254f20aea5ca12439a4558f459d6bbf162f5e1a0f9b62e79de29d4b29
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeae50b2-4a88-4f71-ae4f-7fd74b695fe8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6898
x-amzn-requestid: a56b192d-c797-4521-9af4-e3baaa8e6205
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0frbGsRoAMFjiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4648-5aeb60706595f7762c545067;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:34:00 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: FntrW1uzEjetZkzVLvN-VUeVu4uWI0ceRV5-OY12YFGq5LQKFfS2mg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:52:14 GMT
age: 17046
etag: "037891066a15726bb272a8d74f96abb1520b4fe3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.2
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.2
IP
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cashgainhacks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Apr 2023 02:36:15 GMT
date: Tue, 04 Apr 2023 02:36:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
404 Not Found 0 B URL HTTP/1.1 cashgainhacks.com/emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg
IP
Analyzer Verdict Alert fortinet Phishing
GET /emailpost/reviewpromptrelease/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg HTTP/1.1
Host: cashgainhacks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cashgainhacks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Tue, 04 Apr 2023 02:36:13 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://cashgainhacks.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: pmpro_visit=1; path=/; secure; HttpOnly
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 21834
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
63.250.36.143
23.36.76.226
104.88.21.65