www.moneyheistweed.com Open in urlscan Pro
35.208.175.116 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.moneyheistweed.com/
Submission: On February 04 via automatic, source certstream-suspicious (February 4th 2021, 4:05:58 am UTC)

Summary HTTP 8 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 35.208.175.116, located in Mountain View, United States and belongs to GOOGLE-2, US. The main domain is www.moneyheistweed.com.
TLS certificate: Issued by R3 on February 4th 2021. Valid for: 3 months.

This is the only time www.moneyheistweed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
4	35.208.175.116 35.208.175.116		19527 (GOOGLE-2) (GOOGLE-2)
1	2606:4700::68... 2606:4700::6810:135e		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003		15169 (GOOGLE) (GOOGLE)
8	4

4 35.208.175.116 (Mountain View, United States)

ASN19527 (GOOGLE-2, US)
PTR: 116.175.208.35.bc.googleusercontent.com

www.moneyheistweed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
moneyheistweed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	moneyheistweed.com www.moneyheistweed.com moneyheistweed.com	52 KB
2	gstatic.com fonts.gstatic.com	31 KB
1	googleapis.com fonts.googleapis.com	752 B
1	cloudflare.com cdnjs.cloudflare.com	11 KB
8	4

	Domain	Requested by
3	moneyheistweed.com	www.moneyheistweed.com
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.moneyheistweed.com
1	cdnjs.cloudflare.com	www.moneyheistweed.com
1	www.moneyheistweed.com
8	5

This site contains no links.

Subject Issuer	Validity	Valid
moneyheistweed.com R3	`2021-02-04` - `2021-05-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.moneyheistweed.com/
Frame ID: 384149237AEC0252BCB763995B314B17
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

8
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

95 kB
Transfer

161 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.moneyheistweed.com/ 8 KB
3 KB 771ms
410ms Document
text/html 35.208.175.116
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moneyheistweed.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.175.116 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 116.175.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a228fa2ed2f85852d41519a74fe5b115cf14d4dd28cc78a2c0623119d4b47d76

Request headers

:method: GET
:authority: www.moneyheistweed.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Thu, 04 Feb 2021 04:05:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-httpd: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS
x-proxy-cache-info: W NC:000000 UP:
content-encoding: br

GET
H2 200 style.css
moneyheistweed.com/wp-content/plugins/cmp-coming-soon-maintenance/themes/countdown/ 12 KB
3 KB 297ms
145ms Stylesheet
text/css 35.208.175.116
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://moneyheistweed.com/wp-content/plugins/cmp-coming-soon-maintenance/themes/countdown/style.css?v=3.9.2
Requested by: Host: www.moneyheistweed.com
URL: https://www.moneyheistweed.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.175.116 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 116.175.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a8ebdea514b231cdc815b4068cce7dc090e3bb65e3562e70e58a68534ba258da

Request headers

Referer: https://www.moneyheistweed.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 04:05:46 GMT
content-encoding: br
last-modified: Thu, 10 Dec 2020 16:09:14 GMT
server: nginx
etag: W/"5fd2482a-3108"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 04 Feb 2022 04:05:46 GMT

GET
H2 200 animate.min.css
moneyheistweed.com/wp-content/plugins/cmp-coming-soon-maintenance/css/ 2 KB
640 B 285ms
133ms Stylesheet
text/css 35.208.175.116
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://moneyheistweed.com/wp-content/plugins/cmp-coming-soon-maintenance/css/animate.min.css
Requested by: Host: www.moneyheistweed.com
URL: https://www.moneyheistweed.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.175.116 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 116.175.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f3082056cb1678076f3ac740f1854e9ed1c682bce0ea9ebfadd7c4c43e28c85e

Request headers

Referer: https://www.moneyheistweed.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 04:05:46 GMT
content-encoding: br
last-modified: Thu, 10 Dec 2020 16:09:14 GMT
server: nginx
etag: W/"5fd2482a-8ee"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 04 Feb 2022 04:05:46 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 58 KB
11 KB 48ms
19ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Requested by

Host: www.moneyheistweed.com
URL: https://www.moneyheistweed.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.moneyheistweed.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 04:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 805937
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10391
cf-request-id: 080cd09bed00004c083f812000000001
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-e637"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DguviVyKZmHSiLnnrSX844nwd5XvII6r2UG5BgZPWXee8524gMKliFFqY%2FL1AuA8bd1K8ULthmW4XfoRIZrmwPKS26RY6gFmYf4XPx5CSJXlqUROJt591NLXuQW0Q%2FXYCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61c183a648da4c08-AMS
expires: Tue, 25 Jan 2022 04:05:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
752 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:700%7CMaven+Pro:400,700,400&subset=greek,cyrillic-ext,latin-ext,cyrillic,latin,vietnamese,greek-ext

Requested by

Host: www.moneyheistweed.com
URL: https://www.moneyheistweed.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e138f89bcee336d79086aca42482c742753bc4b9360ffed3d75cddf81b63c1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.moneyheistweed.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 04:05:36 GMT
server: ESF
date: Thu, 04 Feb 2021 04:05:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Feb 2021 04:05:36 GMT

GET
H2 200 mhw-logo-298x300.png
moneyheistweed.com/wp-content/uploads/2020/04/ 46 KB
46 KB 403ms
252ms Image
image/png 35.208.175.116
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moneyheistweed.com/wp-content/uploads/2020/04/mhw-logo-298x300.png
Requested by: Host: www.moneyheistweed.com
URL: https://www.moneyheistweed.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.175.116 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 116.175.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c5ab9bd9c4c9233b611c1b7493e60681f770be437aa70bb98db452bafc3ab36d

Request headers

Referer: https://www.moneyheistweed.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 04:05:46 GMT
last-modified: Fri, 10 Apr 2020 20:42:15 GMT
server: nginx
etag: "5e90da27-b7f4"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 47092
expires: Fri, 04 Feb 2022 04:05:46 GMT

GET
H2 200 7Au9p_AqnyWWAxW2Wk3GzWQIElsO0w.woff2
fonts.gstatic.com/s/mavenpro/v22/ 18 KB
18 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mavenpro/v22/7Au9p_AqnyWWAxW2Wk3GzWQIElsO0w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:700%7CMaven+Pro:400,700,400&subset=greek,cyrillic-ext,latin-ext,cyrillic,latin,vietnamese,greek-ext

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9de1647d3164a0fa89ac17c1f9d148f330c1add59e3fde51b7c7cdd28008968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.moneyheistweed.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:700%7CMaven+Pro:400,700,400&subset=greek,cyrillic-ext,latin-ext,cyrillic,latin,vietnamese,greek-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 01:14:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 23:10:22 GMT
server: sffe
age: 442242
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18292
x-xss-protection: 0
expires: Sun, 30 Jan 2022 01:14:54 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:700%7CMaven+Pro:400,700,400&subset=greek,cyrillic-ext,latin-ext,cyrillic,latin,vietnamese,greek-ext

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.moneyheistweed.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:700%7CMaven+Pro:400,700,400&subset=greek,cyrillic-ext,latin-ext,cyrillic,latin,vietnamese,greek-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 16:18:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
age: 42422
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12976
x-xss-protection: 0
expires: Thu, 03 Feb 2022 16:18:34 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| init

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
moneyheistweed.com
www.moneyheistweed.com
2606:4700::6810:135e
2a00:1450:4001:808::200a
2a00:1450:4001:810::2003
35.208.175.116
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
a228fa2ed2f85852d41519a74fe5b115cf14d4dd28cc78a2c0623119d4b47d76
a8ebdea514b231cdc815b4068cce7dc090e3bb65e3562e70e58a68534ba258da
b9de1647d3164a0fa89ac17c1f9d148f330c1add59e3fde51b7c7cdd28008968
c5ab9bd9c4c9233b611c1b7493e60681f770be437aa70bb98db452bafc3ab36d
e138f89bcee336d79086aca42482c742753bc4b9360ffed3d75cddf81b63c1b6
f3082056cb1678076f3ac740f1854e9ed1c682bce0ea9ebfadd7c4c43e28c85e