Submitted URL: https://www.money-gnomes.net/
Effective URL: https://s1.money-gnomes.net/
Submission: On February 22 via automatic, source certstream-suspicious — Scanned from NL

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is s1.money-gnomes.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 21st 2023. Valid for: a year.
This is the only time s1.money-gnomes.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 15 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
16 4
Apex Domain
Subdomains
Transfer
15 money-gnomes.net
www.money-gnomes.net
money-gnomes.net
s1.money-gnomes.net
2 MB
2 gstatic.com
fonts.gstatic.com
20 KB
1 free-kassa.ru
www.free-kassa.ru — Cisco Umbrella Rank: 832382
4 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
954 B
16 4
Domain Requested by
13 s1.money-gnomes.net 1 redirects s1.money-gnomes.net
2 fonts.gstatic.com fonts.googleapis.com
1 www.free-kassa.ru s1.money-gnomes.net
1 fonts.googleapis.com s1.money-gnomes.net
1 money-gnomes.net 1 redirects
1 www.money-gnomes.net 1 redirects
16 6

This site contains links to these domains. Also see Links.

Domain
money-gnomes.ru
payeer.com
www.free-kassa.ru
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-02-21 -
2024-02-20
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
*.free-kassa.ru
E1
2022-12-26 -
2023-03-26
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh

This page contains 1 frames:

Primary Page: https://s1.money-gnomes.net/
Frame ID: 7017F27BBEB57E38BC7D5B10D378B2D4
Requests: 16 HTTP requests in this frame

Screenshot

Page Title

Money Gnomes

Page URL History Show full URLs

  1. https://www.money-gnomes.net/ HTTP 301
    https://money-gnomes.net/ HTTP 302
    https://s1.money-gnomes.net/?i=1 HTTP 302
    https://s1.money-gnomes.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

6
Subdomains

4
IPs

3
Countries

1989 kB
Transfer

2036 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.money-gnomes.net/ HTTP 301
    https://money-gnomes.net/ HTTP 302
    https://s1.money-gnomes.net/?i=1 HTTP 302
    https://s1.money-gnomes.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
s1.money-gnomes.net/
Redirect Chain
  • https://www.money-gnomes.net/
  • https://money-gnomes.net/
  • https://s1.money-gnomes.net/?i=1
  • https://s1.money-gnomes.net/
9 KB
3 KB
Document
General
Full URL
https://s1.money-gnomes.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa79de15523a7054eb1f54316c61e7e205f8c3ae44a5eed269005696d53d540a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
79d78e2a5fd40e64-AMS
content-encoding
br
content-type
text/html; charset=windows-1251
date
Wed, 22 Feb 2023 11:59:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3pLnzAXQvYCjbjmtzOZd2dLuqgWOTILG0Sc8EiDz5fIzsgIeUnTtLmiTpSlb%2FXkpyKk6dKK7X0CMOHUsXwKWdD1kzJPIiupO7Ke4H%2BIJWcxtlQaQZKMeRGAaYnqWsATf7poL9yi%2B9C%2FO5JbUqYDqEHL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
79d78e289d7b0e64-AMS
content-type
text/html; charset=windows-1251
date
Wed, 22 Feb 2023 11:59:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1akbgjos1NPG17BfN7Us1IA5ZkPOWbvsuzWNE%2FzzEVGtu6Mx4I0e%2BmYcj2pbGA4XaIrtdWEizvAtcX8LtOx7l50aA5QL9rqf8owhMq6QI7iiczzSI19ffqwtVnf1aS%2Fx7roUf3irmS%2Bk5xQ5y6TziJX"}],"group":"cf-nel","max_age":604800}
server
cloudflare
style.css
s1.money-gnomes.net/style/
16 KB
4 KB
Stylesheet
General
Full URL
https://s1.money-gnomes.net/style/style.css?v=1.01
Requested by
Host: s1.money-gnomes.net
URL: https://s1.money-gnomes.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
241d1a69f1a448654096a6b0941f1af053b9836a1b961c17fdd0dd0cb1930028

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s1.money-gnomes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:59:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 28 Dec 2018 15:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5c263dd8-3e4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPai3wO32H3XOGmczACOTW5AyIB2pGQ%2BeJN7%2FLa6FiX34oNZICG0kH6Fwt3T4R72VUBexUdX%2BucAlNf0YJKgdbs25yeL1%2BVpVc5YDtbIi%2BAPEtXxlv4qELSHX%2BEeUk8Ymiwn49Yc4K00GPesJ7Qk%2F7JT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
79d78e2afdb3b90e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 23 Feb 2023 11:59:23 GMT
css
fonts.googleapis.com/
2 KB
954 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Comfortaa
Requested by
Host: s1.money-gnomes.net
URL: https://s1.money-gnomes.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a094e0727c302b9b5548d226f59ede76ef692df130c8b073c289ecfc85488666
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s1.money-gnomes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Feb 2023 11:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 11:40:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Feb 2023 11:59:23 GMT
jquery.js
s1.money-gnomes.net/js/
56 KB
20 KB
Script
General
Full URL
https://s1.money-gnomes.net/js/jquery.js
Requested by
Host: s1.money-gnomes.net
URL: https://s1.money-gnomes.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s1.money-gnomes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:59:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2017 22:49:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"599cb50e-dfa6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oj0vfx3dIrn3tS7%2F7PaDTIYYn3g%2F57sT5AzlWzUD1hGcI0yrvJm2ZxofnPFKzn3gdv1O%2FU8Bq6JWwDaFnEbjUvaAXYetzRppt8ZOtMktF3CQ1OmnMUYXi2dRupjeqNVkbC9gE2akKNhSz2iQBPIR54ds"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
79d78e2afdb4b90e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 23 Feb 2023 11:59:23 GMT
functions.js
s1.money-gnomes.net/js/
1 KB
984 B
Script
General
Full URL
https://s1.money-gnomes.net/js/functions.js
Requested by
Host: s1.money-gnomes.net
URL: https://s1.money-gnomes.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1984e4aba201135fa1060590bbbd12a8e3235edc038a581ad144b8ba2e30f5b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s1.money-gnomes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:59:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 Feb 2019 11:39:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5c6d3c58-4b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qaq%2Bwfh9d37SdzkcXhD26REnKtNKMrgZBbt3RKCGht4xvnSfdxyWmEJryYtdrkNOkVDLSqk5UcPDKJGlvBqywyvaN8%2F%2FbXRDXqik8FU6mKpMyew666XrlSBmb7GkOXso6eo7HmToATGXfvef7vHryplh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
79d78e2afdb6b90e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 23 Feb 2023 11:59:23 GMT
payeerbanner.png
s1.money-gnomes.net/img/
2 KB
3 KB
Image
General
Full URL
https://s1.money-gnomes.net/img/payeerbanner.png
Requested by
Host: s1.money-gnomes.net
URL: https://s1.money-gnomes.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f99247f8be063185482db4f4423b729e23c5baab6d4a7bdc9517efde31c8100

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s1.money-gnomes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:59:23 GMT
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2017 22:52:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"599cb5ae-81b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2jrWA9F7snW8CorTC1hrrHiry%2FUl5pl%2BrluRANBHHYAaGAR0%2BW8InL7IyGKuS3VPsBlyH%2FLWnWV46hNJl2N58Ptl5kXXnUI4B8hPC92Q61WDLTnaXxxzSvH7lPqtbyjnl1c0Bm%2FigUR%2BYdv%2BmP8ayY6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
79d78e2cb80cb90e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2075
expires
Thu, 23 Feb 2023 11:59:23 GMT
16.png
www.free-kassa.ru/img/fk_btn/
3 KB
4 KB
Image
General
Full URL
https://www.free-kassa.ru/img/fk_btn/16.png
Requested by
Host: s1.money-gnomes.net
URL: https://s1.money-gnomes.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:26f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbc56f395f77d153150b1b7fed67ffec03dc73522a2f879610cbb25a95ba02fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *; default-src 'self' data: wss: my.fkwallet.ru freekassa.ru sendmes.ru free-kassa.ru google.com www.google.com 'unsafe-inline' 'unsafe-eval'; object-src 'none'; script-src 'self' my.fkwallet.ru translate.googleapis.com www.gstatic.com freekassa.ru translate.google.com www.google-analytics.com code.jivosite.com www.google.com google.com free-kassa.ru 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google.com.ua *.free-kassa.org freekassa.ru ; font-src 'self' data: *.gstatic.com 'unsafe-inline'; style-src-elem 'self' data: my.fkwallet.ru free-kassa.ru 'unsafe-inline'; base-uri 'none'; form-action 'self' *; style-src 'self' my.fkwallet.ru freekassa.ru cdn.datatables.net datatables.net translate.googleapis.com free-kassa.ru 'unsafe-inline' ; style-src-attr 'self' my.fkwallet.ru free-kassa.ru 'unsafe-inline'; connect-src 'self' data: wss: wss://cdnwbstts.com my.fkwallet.ru free-kassa.ru code.jivosite.com

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s1.money-gnomes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:59:23 GMT
content-security-policy
frame-ancestors 'self' *; default-src 'self' data: wss: my.fkwallet.ru freekassa.ru sendmes.ru free-kassa.ru google.com www.google.com 'unsafe-inline' 'unsafe-eval'; object-src 'none'; script-src 'self' my.fkwallet.ru translate.googleapis.com www.gstatic.com freekassa.ru translate.google.com www.google-analytics.com code.jivosite.com www.google.com google.com free-kassa.ru 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google.com.ua *.free-kassa.org freekassa.ru ; font-src 'self' data: *.gstatic.com 'unsafe-inline'; style-src-elem 'self' data: my.fkwallet.ru free-kassa.ru 'unsafe-inline'; base-uri 'none'; form-action 'self' *; style-src 'self' my.fkwallet.ru freekassa.ru cdn.datatables.net datatables.net translate.googleapis.com free-kassa.ru 'unsafe-inline' ; style-src-attr 'self' my.fkwallet.ru free-kassa.ru 'unsafe-inline'; connect-src 'self' data: wss: wss://cdnwbstts.com my.fkwallet.ru free-kassa.ru code.jivosite.com
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2015 10:32:35 GMT
server
cloudflare
age
1845646
etag
"1be0c75-c5e-526749bd042b7"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
79d78e2dbcda3814-FRA
content-length
3166
expires
Sun, 02 Apr 2023 03:18:37 GMT
main_1.png
s1.money-gnomes.net/img/
134 KB
134 KB
Image
General
Full URL
https://s1.money-gnomes.net/img/main_1.png
Requested by
Host: s1.money-gnomes.net
URL: https://s1.money-gnomes.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5048884477850523e651624d845d8e0242f9c9986a73e9bc19118f94c6a6deb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s1.money-gnomes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:59:23 GMT
cf-cache-status
MISS
last-modified
Fri, 28 Dec 2018 16:41:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5c265228-2168c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zw86V%2FB7FRG%2FIoH0tUdL%2FKQnDH5%2BmwJUoHL5aZgsTqWDB%2BF7F9Cit3eKMG9%2BZaQJjFDdqBSIqZ4Z3CvK0yMyxGsF5Z1KFQSqD%2B0f0dgN95bv8SEYh78FwDKDcJzVYAFbKkX%2BoPnHLdU%2BgmsMYzv%2FOeK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
79d78e2d38e5b90e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
136844
expires
Thu, 23 Feb 2023 11:59:23 GMT
rega.png
s1.money-gnomes.net/img/
6 KB
6 KB
Image
General
Full URL
https://s1.money-gnomes.net/img/rega.png
Requested by
Host: s1.money-gnomes.net
URL: https://s1.money-gnomes.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17752320546b6e3fe61390d767645bc494505268a8f75b1fc8a6f5d505041b0b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s1.money-gnomes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:59:23 GMT
cf-cache-status
MISS
last-modified
Sun, 24 Sep 2017 19:49:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"59c80c3a-17c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2mK2hpRmczJSvk1dpXOBrdpXECD9E7VtLaGQ4jZF8fKGg5AV%2ByHLAJOEeCbHIl6v%2BefZNrriye1pElM6vU50IBTdd4ZHRcI%2Fio%2BOToF9AcoevxZMdjc145kNAkJdxaa3w2Nqk4jtDsF0ulVe4%2FZXBXd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
79d78e2d38eab90e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6080
expires
Thu, 23 Feb 2023 11:59:23 GMT
main_2.png
s1.money-gnomes.net/img/
93 KB
93 KB
Image
General
Full URL
https://s1.money-gnomes.net/img/main_2.png
Requested by
Host: s1.money-gnomes.net
URL: https://s1.money-gnomes.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ec9a86a73a8c2c690901b89cb2afbe351206a8cedcd0b2f9685a1613e814dd5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s1.money-gnomes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:59:24 GMT
cf-cache-status
MISS
last-modified
Fri, 28 Dec 2018 15:12:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5c263d75-172bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJSAZ7ICchw78aYRjZmbUrhmNoWuTXXbbZgqh6ljTFqii40tmNIiNYrd%2BTi5ZlXmF%2BrfNVraf6fNqg5NdFmHCHie1WYkqX95uGlHO8zN1A7fJoCq2yx2o5iPxGQuon06VK1Gqw4cW9RTAhmxRf%2F%2FAPvf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
79d78e2d38ebb90e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
94911
expires
Thu, 23 Feb 2023 11:59:23 GMT
layer_19.png
s1.money-gnomes.net/img/
1 MB
1 MB
Image
General
Full URL
https://s1.money-gnomes.net/img/layer_19.png
Requested by
Host: s1.money-gnomes.net
URL: https://s1.money-gnomes.net/style/style.css?v=1.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b56733e5fe41b039584ebdca8bb80de4c81830dc5c66c199f445ecec0f86ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s1.money-gnomes.net/style/style.css?v=1.01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:59:23 GMT
cf-cache-status
MISS
last-modified
Sat, 23 Sep 2017 13:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"59c65ad0-12b663"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ww5fP%2FKULidkRlyWjCOp7BZzcQKANcyzaY5kQvu6%2FDYDm0IDMWVf9N6w%2FwbCU%2FSpFFq9En4CUd23A9nRad7nCTHxHbRqyazeVjlnleSEt7pkD96HoGf6X1N0NhbTvEVbZvGrSnX7GSJW8P5HSuhGBLBC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
79d78e2d38edb90e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1226339
expires
Thu, 23 Feb 2023 11:59:23 GMT
header2.png
s1.money-gnomes.net/img/
370 KB
371 KB
Image
General
Full URL
https://s1.money-gnomes.net/img/header2.png
Requested by
Host: s1.money-gnomes.net
URL: https://s1.money-gnomes.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc7fa45279175920d510ab9aa346463e9b1c979c004c38ea8af3c97d57d99a42

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s1.money-gnomes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:59:23 GMT
cf-cache-status
MISS
last-modified
Sun, 08 Oct 2017 12:41:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"59da1d14-5c9e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuNJgmrJJRQcn5yxjNX0%2FJ4g9AJxm16SLZhM0qv4xjaqX2APHTbW53OAbUsCNBbkqQ%2FiLz8D3iKfAMP4BV%2BXOjSXjArU8ogFqxq3Il8p26RAP0jFO3Jzzr8EpMLobOs2Y7bx99%2FzCtKpEjLKKzncxndn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
79d78e2d38eeb90e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
379368
expires
Thu, 23 Feb 2023 11:59:23 GMT
logo.png
s1.money-gnomes.net/img/
13 KB
14 KB
Image
General
Full URL
https://s1.money-gnomes.net/img/logo.png
Requested by
Host: s1.money-gnomes.net
URL: https://s1.money-gnomes.net/style/style.css?v=1.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18031ffa019007accd7550da8d6a076bde9484a81580d3a96f8eb5596d57ef1b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s1.money-gnomes.net/style/style.css?v=1.01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:59:23 GMT
cf-cache-status
MISS
last-modified
Fri, 28 Dec 2018 15:12:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5c263d75-345d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYNs5qau0PhMgEbs%2Fn4IN%2FaiqUvatZRRCeeOrd%2BEZeIkv5x9PDnoiW8HHXaTMXP7BYauGTbSiLEjJ4gIWp4pSgU2dakgARMbFcnmWIosweMRKjUUKW%2FVF9b%2BpRlN0Glt4V7baOKLLfg1Fd0VvVyKUneN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
79d78e2d38f0b90e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13405
expires
Thu, 23 Feb 2023 11:59:23 GMT
1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrcfIA9c.woff2
fonts.gstatic.com/s/comfortaa/v40/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/comfortaa/v40/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrcfIA9c.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Comfortaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
265bfb5dc390e9e6746eb048a9657b118712ec0f013cb7e6f13a862823e263d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s1.money-gnomes.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 05:05:31 GMT
x-content-type-options
nosniff
age
543232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7460
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 19:29:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 05:05:31 GMT
1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2
fonts.gstatic.com/s/comfortaa/v40/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/comfortaa/v40/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Comfortaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7beee22f05326e6b35fe4737c4639433f496bac10e22e2b9ae23068a3d2aba29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s1.money-gnomes.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 08:58:59 GMT
x-content-type-options
nosniff
age
10824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12028
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 19:17:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 08:58:59 GMT
footer.png
s1.money-gnomes.net/img/
115 KB
115 KB
Image
General
Full URL
https://s1.money-gnomes.net/img/footer.png
Requested by
Host: s1.money-gnomes.net
URL: https://s1.money-gnomes.net/style/style.css?v=1.01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ea4d8b1097f8204320051be7c98fef9d69d6ea64a29c36ee45b0fa790a2bc1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s1.money-gnomes.net/style/style.css?v=1.01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:59:24 GMT
cf-cache-status
MISS
last-modified
Sun, 24 Sep 2017 15:23:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"59c7cddc-1cbd2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyPxlYUGTfDZ8l3sWzjG2mxyTVyWP3KaNshNIMKwtKJXX%2Fjq2MNH%2F2qFepr8GmXHshDSlBEynDw96U2A7Zz96hzo%2FMD1IamlJbaG5sC33IUwnvfWfPzStbVVVegLrfH6NrBugnAZVv5BvaXyeEYIi4Mo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
79d78e2d490bb90e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
117714
expires
Thu, 23 Feb 2023 11:59:23 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery function| ResetCaptcha function| GetSumPer string| valuta function| SetVal function| PaymentSum

3 Cookies

Domain/Path Name / Value
money-gnomes.net/ Name: PHPSESSID
Value: iupp4lnif0d0r0el45f2ii5746
s1.money-gnomes.net/ Name: PHPSESSID
Value: llmso68dttkimegn448r7m2372
s1.money-gnomes.net/ Name: i
Value: 1