urlscan.io logo urlscan.io
SecurityTrails logo

moneymakersflags.com Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://moneymakersflags.com/
Submission: On July 04 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 29 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is moneymakersflags.com.
TLS certificate: Issued by WE1 on July 2nd 2024. Valid for: 3 months.
This is the only time moneymakersflags.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 188.114.96.3 13335 (CLOUDFLAR...)
3 3 151.101.193.21 54113 (FASTLY)
3 192.229.221.25 15133 (EDGECAST)
1 74.208.47.213 8560 (IONOS-AS ...)
1 2a03:2880:f17... 32934 (FACEBOOK)
3 2600:9000:235... 16509 (AMAZON-02)
1 13.32.27.116 16509 (AMAZON-02)
2 54.90.227.229 14618 (AMAZON-AES)
29 7
18    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
moneymakersflags.com
www.moneymakersflags.com
3    151.101.193.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
3    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
1    74.208.47.213 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: greenwaveonline.com
www.freewebsubmission.com
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2600:9000:235a:8a00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
1    13.32.27.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-116.fra56.r.cloudfront.net
cdn.heapanalytics.com
2    54.90.227.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-227-229.compute-1.amazonaws.com
heapanalytics.com
Apex Domain
Subdomains		 Transfer
18 moneymakersflags.com
moneymakersflags.com
www.moneymakersflags.com
186 KB
3 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 2978
heapanalytics.com — Cisco Umbrella Rank: 2420
38 KB
3 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1313
10 KB
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2807
4 KB
3 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3110
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
1 freewebsubmission.com
www.freewebsubmission.com
3 KB
29 7
Domain Requested by
10 moneymakersflags.com moneymakersflags.com
8 www.moneymakersflags.com moneymakersflags.com
3 tags.tiqcdn.com moneymakersflags.com
tags.tiqcdn.com
3 www.paypalobjects.com moneymakersflags.com
3 www.paypal.com 3 redirects
2 heapanalytics.com moneymakersflags.com
1 cdn.heapanalytics.com tags.tiqcdn.com
1 www.facebook.com moneymakersflags.com
1 www.freewebsubmission.com moneymakersflags.com
29 9

This site contains links to these domains. Also see Links.

Domain
www.moneymakersflags.com
view.publitas.com
freewebsubmission.com
Subject Issuer Validity Valid
moneymakersflags.com
WE1		 2024-07-02 -
2024-09-30		 3 months crt.sh
freewebsubmission.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-20 -
2024-10-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-12 -
2024-07-11		 3 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M02		 2024-03-19 -
2025-04-17		 a year crt.sh
cdn.heapanalytics.com
Amazon RSA 2048 M02		 2024-05-29 -
2025-06-26		 a year crt.sh
heapanalytics.com
Amazon RSA 2048 M02		 2023-11-09 -
2024-12-08		 a year crt.sh

This page contains 2 frames:

Primary Page: https://moneymakersflags.com/
Frame ID: 682D6FE295DC3504E255F7C5C854311E
Requests: 28 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?id=117977934881085&width=275&connections=100&stream=true&header=true&height=587
Frame ID: 88EE5991182B32522884584F4E32CF59
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MoneyMakersFlags.com - American Flags - Decorative Flags

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+_s-xclick
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

29
Requests

90 %
HTTPS

25 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

241 kB
Transfer

337 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://www.paypal.com/en_US/Marketing/i/banner/bnr_accept_120x30_y.gif HTTP 301
  • https://www.paypalobjects.com/en_US/Marketing/i/banner/bnr_accept_120x30_y.gif
Request Chain 8
  • https://www.paypal.com/en_US/i/btn/btn_viewcart_LG.gif HTTP 301
  • https://www.paypalobjects.com/en_US/i/btn/btn_viewcart_LG.gif
Request Chain 9
  • https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
  • https://www.paypalobjects.com/en_US/i/scr/pixel.gif

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
moneymakersflags.com/ 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f899c21f0762537d9ca3ee6b4a256a1aba35a8ded06c8e20500407dfd60a0a9

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89dcfc5fbc4666b8-AMS
content-encoding
br
content-type
text/html
date
Thu, 04 Jul 2024 06:16:19 GMT
last-modified
Fri, 29 Mar 2024 18:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X39JZxk%2Fnk3MLcAO1%2BnEnbyTkPQ64MZLXo%2Ff7%2BW3dvRbQxlrtxtPBgRfMzWSZEYka0p0xUsSNpUHsLofzZEJgvmM3WxUQXC2pQ7hhj3B3NZGYnfoP3yXI8AY2kAX2SjzQXyHJGH%2BEg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
flags.bmp
moneymakersflags.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneymakersflags.com/flags.bmp
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6e3298763285f02328c8490b4e03f6daf39509e112f6ca8d5d1f18cde7d2e0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Feb 2009 18:07:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6f6-462d0b61e47c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kDeQjXx9%2FXBgu87aXoD2qHCWlpO%2FCahK%2FgTXdRDv5lOmmD9jB%2BvePyjuf%2FsPK3hdGRdWrwVhA%2BicIaifd0kUFPlN0Li%2FLW0%2FwHS6FWIjL0zAgfNJtFRUxG7KaNKrZR2IAHJNFZv5Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-ms-bmp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc60cd3b66b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
1782
flagpoles.bmp
moneymakersflags.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneymakersflags.com/flagpoles.bmp
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a55acd31f4c4dcfb6b77b18d949fcea07251dc3bbd1e33e3ef81ff846f3d0f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Feb 2009 18:07:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"836-462d0b6c62080"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JNaOP1yL0jWRDk5quTMKKQWw5fy3RLEJ%2FsStnmbzS%2FKGpoVQ7Ei679neugP1JML1P1FQx%2Fs0cAcPn4ugOEyMWDSA8FKQr%2FiFlSurhLTWPjtcE0CGjcpAIwZDC9v7jPTOIPiOKj4KNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-ms-bmp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc60cd3c66b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
2102
windsocks.bmp
moneymakersflags.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneymakersflags.com/windsocks.bmp
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2b1f5e9973a753d488fe7683dc9d4882bee69c910974c50fad0e3e23dbd7510

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Feb 2009 18:07:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"876-462d0b7403280"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gf%2BqsajFyeIfkwR4iiW12pls33gj0nmHdIr9SmLDxXnR%2FTjVF1nMJ2nwmbDFIpKdPvQ3ilughSiIpTlO4vXQHNcC2hJVw6Pbqe8V2llp%2BDtiRMZ9xPKjuyxNEpq3u9%2FmlcGvexcq9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-ms-bmp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc60ed6366b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
2166
seasonal.bmp
moneymakersflags.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneymakersflags.com/seasonal.bmp
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dc97bfd4622f92d2aa9f4929e8e67db8d9d0c5b9ed759a80a624b332251e706

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Feb 2009 18:43:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7f6-462d1375755c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QPf6OLiH3TiyzUQkOLgn6uGKrA5CUUws5aOze%2BJeO%2B%2B%2FOPb4fQVR6%2BfySofggxeI6ZjyJLvXL%2Fsw7epBIY0ZO01%2FRaFnMpLKIcCC21QQG%2FSF64ftnQplz3c%2BfIp0B1NHKhJxp8j2Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-ms-bmp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc60ed6466b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
2038
display%20case.bmp
moneymakersflags.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneymakersflags.com/display%20case.bmp
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b385e7db3694aeb7cd0a49c6827711369f20646b84d5ec61e2530c32135f34e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Feb 2009 18:08:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"936-462d0b880a1c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sjDNL2uQ7UdT%2BBauJRQwWJLqB1K%2BnTGrOvH6VFdAIoPyW3fQKEqc%2FiS4hdWNvTyaRMjwuRU8gFIoOVT7JzsXXhC7rjNDQ4H01i7rWj3FYmJ7zbJDuMalUkTiEyQTgCusDB2QpUDKEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-ms-bmp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc60ed6566b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
2358
sitemap.bmp
moneymakersflags.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneymakersflags.com/sitemap.bmp
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
010551d90aad92d1a4eec13d1825957a844b14397025d1da42b16690036c6e6a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
cf-cache-status
HIT
last-modified
Wed, 03 Sep 2014 19:39:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"836-5022e63393d00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e2ZP8BzbfLBx80IO9EV%2BqelBta9SNEL3ST4gmyO5pqBSR%2BrfWP8UkKveA7s%2FJkZRBIGYAvuf%2BZ53PDuQ2WmbkhJLKPzojUbxdeIY4NzFtRlKWHDwu1CQvvIXeX16ANsZFFuGFhi4Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-ms-bmp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc60ed6c66b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
2102
aboutus.bmp
moneymakersflags.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneymakersflags.com/aboutus.bmp
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
970e6b9ab1bd0b841d2b07cbffff0f944efadd35f974eee2a7936306a687b988

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Feb 2009 18:05:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7b6-462d0adb6ca80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hgjx6mUlBHfWuwjc5li%2BVmMObhx%2FPoKO8S%2FbsO%2B3pzNVGya7Fud8XavoltXjnkwhqqgUFvCH6r%2F8EcwGmj0Wg7yU0sQS327ctRKoR7F7MWy2KiDps7VXgDyZIi4L%2BKqWruxWWWvb1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-ms-bmp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc60ed6e66b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
1974
bnr_accept_120x30_y.gif
www.paypalobjects.com/en_US/Marketing/i/banner/
Redirect Chain
  • https://www.paypal.com/en_US/Marketing/i/banner/bnr_accept_120x30_y.gif
  • https://www.paypalobjects.com/en_US/Marketing/i/banner/bnr_accept_120x30_y.gif
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/Marketing/i/banner/bnr_accept_120x30_y.gif
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H2
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48ED) /
Resource Hash
316f5bd2d217c6317978c224cb0439a013cf4f804fcf59dba5e6940fe068c44a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://moneymakersflags.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
0d0abe85a165e
dc
ccg11-origin-www-1.paypal.com
content-length
1420
last-modified
Thu, 22 Feb 2018 00:46:18 GMT
server
ECAcc (ama/48ED)
traceparent
00-00000000000000000000d0abe85a165e-b9674e4966279351-01
etag
"5a8e12da-58c"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Thu, 04 Jul 2024 07:16:19 GMT

Redirect headers

date
Thu, 04 Jul 2024 06:16:19 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f9908055734a1
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
286
x-served-by
cache-fra-etou8220040-FRA, cache-ams21033-AMS, cache-ams21033-AMS
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f9908055734a1-6a8249afd1dc31fd-01
x-timer
S1720073779.391937,VS0,VE169
content-type
text/html; charset=iso-8859-1
location
https://www.paypalobjects.com/en_US/Marketing/i/banner/bnr_accept_120x30_y.gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
bytes
x-cache-hits
0, 0, 0
btn_viewcart_LG.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain
  • https://www.paypal.com/en_US/i/btn/btn_viewcart_LG.gif
  • https://www.paypalobjects.com/en_US/i/btn/btn_viewcart_LG.gif
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_viewcart_LG.gif
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H2
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CF) /
Resource Hash
5965f75133ab9034554de9befd349f43869a74475f17683f76b3287e645d6f73
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://moneymakersflags.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
322313b6f9b79
dc
ccg11-origin-www-1.paypal.com
content-length
1751
last-modified
Fri, 16 Aug 2019 04:57:33 GMT
server
ECAcc (ama/48CF)
traceparent
00-0000000000000000000322313b6f9b79-4736964a9853c052-01
etag
"5d5637bd-6d7"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Thu, 04 Jul 2024 07:16:19 GMT

Redirect headers

date
Thu, 04 Jul 2024 06:16:19 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f990805b517f4
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
0
x-served-by
cache-fra-etou8220042-FRA, cache-ams21033-AMS, cache-ams21033-AMS
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f990805b517f4-7e59805ec01c3ad3-01
x-timer
S1720073779.391677,VS0,VE153
location
https://www.paypalobjects.com/en_US/i/btn/btn_viewcart_LG.gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
bytes
x-cache-hits
0, 0, 0
pixel.gif
www.paypalobjects.com/en_US/i/scr/
Redirect Chain
  • https://www.paypal.com/en_US/i/scr/pixel.gif
  • https://www.paypalobjects.com/en_US/i/scr/pixel.gif
43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H2
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4894) /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://moneymakersflags.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
a39820370b473
dc
ccg11-origin-www-1.paypal.com
content-length
43
last-modified
Fri, 16 Aug 2019 04:57:34 GMT
server
ECAcc (ama/4894)
traceparent
00-0000000000000000000a39820370b473-e447a56bf5767cae-01
etag
"5d5637be-2b"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Thu, 04 Jul 2024 07:16:19 GMT

Redirect headers

date
Thu, 04 Jul 2024 06:16:19 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f990805bcc535
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
0
x-served-by
cache-fra-etou8220149-FRA, cache-ams21033-AMS, cache-ams21033-AMS
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f990805bcc535-f6b0008f0f9a0d38-01
x-timer
S1720073779.391683,VS0,VE151
location
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
bytes
x-cache-hits
0, 0, 0
mail.gif
www.moneymakersflags.com/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneymakersflags.com/mail.gif
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0919e84d7c8e7908f1327d557a1a5a1d9b125d7144008d876adba33ae639a6c7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Jan 1999 17:19:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1064-341f387f57200"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2gw17dE2N%2F7ALTZ5Iser7LY0%2BGyOfLXcqUjFQDeVvbSOicvcpGLw6uDLmE6MV1DFPYUc%2FiDqOGPAx%2FXV4BxLNwq7Zah%2BgNWXdfbPxqanvtmdLw39fOT7ZOt2Dz0vxkjxstyvCZNngQVwQuA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc611d9066b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
4196
flaguseandcare.jpg
www.moneymakersflags.com/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneymakersflags.com/flaguseandcare.jpg
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f25b4001f2c76490288209bb418a304f7fee30276789ad4e5077aacf1499e263

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
cf-cache-status
HIT
last-modified
Fri, 14 Feb 2014 18:59:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8b31-4f26269684300"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ImI9jXIy9cZ8bNACBywxRbV05eICbM7J5US%2BjJ5Ucb11QpjcwvzQfFicgZgIllChS4bombgeM2%2Fw5YGcbOWDCQ44rbdRyCtZs906YZy%2FdnEf1dvJ7hNzAxVjij6VKCqOkqzfFhOGLWroa54%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc611d9266b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
35633
unclepete.jpg
www.moneymakersflags.com/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneymakersflags.com/unclepete.jpg
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e326b0511e1ea03e09fd48c4650cd55d3b397f89b348ba347a7f6f1f44cffe08

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
cf-cache-status
HIT
last-modified
Thu, 17 Dec 1998 22:10:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c74d-33f3785857880"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZxQ%2Bjp9BoTxm4sNeLIOJSywcF%2FVRBjmkkiPdXLR9u8qBnHJueeDyeg1HBCBfdAgdv2Fj8lVQ0JiYY1eiBXPPALpFLEcQJzVUu4ADPj1Sj%2FdD2rz3YM7wyOa2U7KEndCG6sLddInkEiKwU%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc611d9566b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
51021
flag.gif
www.moneymakersflags.com/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneymakersflags.com/flag.gif
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
801e34ac2f093756293cc362095ca93d05e8365cea73ede774f6e7fcf6189098

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Dec 1998 06:20:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"20be-33f3e5db817c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=77ZxLO4glDp8iyjY0BQg8zGWLuqSG4nVYfDH%2FldiWw5vhSOO4ixfnLYph3TrPyC4WpawTOoa4i2DI8gsP4Wrc11ztYmNuNxmFHF6SKnqzuN5myIqJdWnRqitvCPz8DF9RjD80EyoGzA0%2FKo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc611d9966b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
8382
new.gif
www.moneymakersflags.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneymakersflags.com/new.gif
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bda87135ecff4e5ac0506437178e96450da5617e519bad67cc6435ded970b4f4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 19 Aug 1999 20:32:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4268-35276b5cf1d00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zdq5vIV0pKBu4R705bruqL1AJODJ1jf2TUlosq%2FwEMEp9juKPwZ2HvhZAK4LCe79%2FMD1pihjOoaJXe3PIeAxvSAJfGZuKxW3DYP2sMhG6FdpFOXeYJiVq%2BKQ07fJ%2BghmD6FrNfYD4uXRp6U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc611d9666b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
17000
shirtcapsvisors.jpg
www.moneymakersflags.com/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneymakersflags.com/shirtcapsvisors.jpg
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc10f00bfc1d2278c6067284b47ca3008f2b17646d0ba06fc17fc7a24bd939d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
cf-cache-status
HIT
last-modified
Fri, 06 May 2022 19:48:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9e13-5de5d23fd5c5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UPkVedx1X3saBwyroE3v6ndqdOgAaBjIwTikG93Jb3CqJB38Vf8C3q1RsVToom9piXkCfKAsgFIrPMyinGQpXhEVjGEcNlxY%2F6nEbuL4y7RBrByNhVL%2FM0amlRnN5mZoBjy6rWlQBlZ3Ubw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc611d9466b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
40467
pointhnd.gif
www.moneymakersflags.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneymakersflags.com/pointhnd.gif
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fed7f7f7a4c1847670eb9485bacb5f8d6e5956c310f55d3dba875c3b0efd01e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Aug 1999 15:06:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"46f-352d6bd261300"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4zmlchMzGzX1J17RIm5LwOkp5i6jthTqDykWjQa6Vaq0H1yGVJ22UzP7B4xOXFFQmgPUyiD5AgMFO1reAre%2BVUH3dYTkeB8Nw4CsSGIhz0ppdtvKp8umna%2FQ2aDNe4KHh580olvaOiRUFac%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc611d9366b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
1135
crcdflip.gif
www.moneymakersflags.com/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneymakersflags.com/crcdflip.gif
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff765071a09da3b5f70aca0bfab1639f9f2a208c015f7b133560df5005956d8d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:20 GMT
cf-cache-status
HIT
last-modified
Fri, 08 Oct 1999 16:57:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"104d-3566189bfd940"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xZUPpPYFqvaUgV%2F5xBScNlRJ3DN7omXvtCgU8VdT0uWsuKV1uDsDxhGtqI%2Fyk%2FRjcuWiZvzqJ2UobW52pgDTbT7Iua4tE2RpsfnoclVHE2QHNkH%2B53sDF7zinNS9lf1acDW6uzgKW6RXIlE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc622ed566b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
4173
fwsbutton11.gif
www.freewebsubmission.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.freewebsubmission.com/images/fwsbutton11.gif
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.208.47.213 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
greenwaveonline.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
1b46489aadd9fa90b5b61ee3aba8088056967f9bccd718d3c61fd6b74e656347

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 06:16:19 GMT
Last-Modified
Tue, 21 Apr 2020 21:52:19 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"914-5a3d40794a733"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2324
email-decode.min.js
moneymakersflags.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneymakersflags.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Jun 2024 11:26:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"667e9dca-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8P6OjFRsPykrvU5LrayHQQrzZplGQUjWYouUMlkJNHUaYij3SbaiTJMRF8yLdy5azRufYiqJG%2Fyb8JDHjCxei4keJ7mSEPvwsPlH%2FL57fKbqH%2BiBVd7QycAjWdIsXpaSILTdshJAMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
89dcfc60ed6a66b8-AMS
expires
Sat, 06 Jul 2024 06:16:19 GMT
likebox.php
www.facebook.com/plugins/ Frame 88EE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/likebox.php?id=117977934881085&width=275&connections=100&stream=true&header=true&height=587
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://moneymakersflags.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 06:16:19 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387660629181926178"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387660629181926178", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2761, tp=-1, tpl=-1, uplat=291, ullat=0
x-fb-debug
UrNKed7wYWzEC7qNYDu4He+EGNu5Ud1Le0giCwy3KjjjUgLZZFRuVo5MDEDrgemmxNLUrILmQFELqK3i75l+9g==
x-xss-protection
0
utag.js
tags.tiqcdn.com/utag/marketingcenter/common/prod/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/marketingcenter/common/prod/utag.js
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:8a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c2edc71bc19415951824b180b2616e98e5853a2fa0abfd5498e644ace713882

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5UIhs7K9N913yZZZ_4bQ_mzQd1Eb2sKW
content-encoding
br
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
date
Thu, 04 Jul 2024 06:16:19 GMT
last-modified
Wed, 01 Nov 2023 14:55:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
110
x-amz-server-side-encryption
AES256
etag
W/"b3caed892ebea4e9412f55483327dc63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
lubP-jXKTUdvRoBKkBj_VWrq4WWUYmSAlUiZW4cNb3SKu3U8_Y5yAg==
utag.1.js
tags.tiqcdn.com/utag/marketingcenter/common/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/marketingcenter/common/prod/utag.1.js?utv=ut4.49.202311011455
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/marketingcenter/common/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:8a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c11831e7d9896ae9ea72866df04cd39266caca67164a38f6a3fdb9d18ff58fe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
GdaCAC7jhdmCAo_uEsiHhd5_XgqmiIPK
content-encoding
gzip
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
date
Thu, 04 Jul 2024 06:16:19 GMT
last-modified
Wed, 01 Nov 2023 14:55:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
110
x-amz-server-side-encryption
AES256
etag
W/"28a5c7b19806b6727b874c30256ff724"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
sTSyaOXbcgP4PzNSoXtWe-hDfakm8Gb2r3HQdvOO41wPcQ-8IIoDOQ==
heap-3986568408.js
cdn.heapanalytics.com/js/ 		118 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-3986568408.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/marketingcenter/common/prod/utag.1.js?utv=ut4.49.202311011455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-116.fra56.r.cloudfront.net
Software
nginx / Express
Resource Hash
426c1bda55320cd4df845c4315e1994952de64f5b6604ef182ae6df5602f503b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:06 GMT
content-encoding
br
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
FRA56-C2
age
13
x-powered-by
Express
etag
W/"1d886-83LfOCggmHalEmaApREYW8sXK5Q"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
-TvrsCm-btYxheelKDPo7hrWV-_ZZWVYK0uigSWs-YbkLVOBEyODyQ==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=marketingcenter/common/202306011402&cb=1720073779489
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/marketingcenter/common/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:8a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Thu, 04 Jul 2024 06:08:49 GMT
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
451
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
H9tGJx6eRDcljVHQjXcq13PDexeux8IJTPZ1IV1vxuLoU9LGiKQyhQ==
telemetry
heapanalytics.com/api/ 		32 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/telemetry?a=3986568408&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1720073779702&hv=4.23.0
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.227.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-227-229.compute-1.amazonaws.com
Software
/
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 04 Jul 2024 06:16:19 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
content-length
32
content-type
image/gif
add_user_properties_v3
heapanalytics.com/api/ 		37 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/add_user_properties_v3?a=3986568408&u=6424879483171310&v=8237797957298271&s=4867504046716802&b=web&tv=4.0&_externaluid=o2xe9twne2nwwr6p&st=1720073779712
Requested by
Host: moneymakersflags.com
URL: https://moneymakersflags.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.227.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-227-229.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 06:16:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
favicon.ico
moneymakersflags.com/ 		0
478 B 		Other
General
Check archive.org
Download Go to
Full URL
https://moneymakersflags.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneymakersflags.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:16:20 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 21 May 2005 23:48:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0-3f7a679aacb00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qdpa6%2FHqkBrlhdHig9%2BtNIewY9hguzgsO5Otif8wpTcgjt3oq7R38NY5YX5YS7CY9vKEhALxZhzeT%2BZ1%2BxmzRZauu%2B3qPrg1DrAkUqWf0tD1XJ59pGjxg0g1UYLL7wwjqIS%2Ft6C%2FHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89dcfc65ca1c66b8-AMS
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| utag_data object| Parameters boolean| thryv_condload object| thryv boolean| __tealium_twc_switch object| heap object| date

7 Cookies

Domain/Path Name / Value
.moneymakersflags.com/ Name: thryv_main
Value: v_id:01907c62f8ff00332e57b217b90c0506f001d06700b08$_sn:1$_se:1$_ss:1$_st:1720075579456$ses_id:1720073779456%3Bexp-session$_pn:1%3Bexp-session
.paypal.com/ Name: l7_az
Value: ccg13.slc
.paypal.com/ Name: ts
Value: vreXpYrS%3D1814681779%26vteXpYrS%3D1720075579%26vr%3D7c62f9111900aa385851236cffe826c6%26vt%3D7c62f9111900aa385851236cffe826c5%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D7c62f9111900aa385851236cffe826c6%26vt%3D7c62f9111900aa385851236cffe826c5
.moneymakersflags.com/ Name: _hp2_props.3986568408
Value: %7B%22externaluid%22%3A%22o2xe9twne2nwwr6p%22%7D
.moneymakersflags.com/ Name: _hp2_id.3986568408
Value: %7B%22userId%22%3A%226424879483171310%22%2C%22pageviewId%22%3A%228237797957298271%22%2C%22sessionId%22%3A%224867504046716802%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.moneymakersflags.com/ Name: _hp2_ses_props.3986568408
Value: %7B%22z%22%3A0%2C%22ts%22%3A1720073779710%2C%22d%22%3A%22moneymakersflags.com%22%2C%22h%22%3A%22%2F%22%2C%22t%22%3A%22MoneyMakersFlags.com%20-%20American%20Flags%20-%20Decorative%20Flags%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
heapanalytics.com
moneymakersflags.com
tags.tiqcdn.com
www.facebook.com
www.freewebsubmission.com
www.moneymakersflags.com
www.paypal.com
www.paypalobjects.com
13.32.27.116
151.101.193.21
188.114.96.3
192.229.221.25
2600:9000:235a:8a00:7:2bfb:7c00:93a1
2a03:2880:f177:185:face:b00c:0:25de
54.90.227.229
74.208.47.213
010551d90aad92d1a4eec13d1825957a844b14397025d1da42b16690036c6e6a
0919e84d7c8e7908f1327d557a1a5a1d9b125d7144008d876adba33ae639a6c7
0f899c21f0762537d9ca3ee6b4a256a1aba35a8ded06c8e20500407dfd60a0a9
1b46489aadd9fa90b5b61ee3aba8088056967f9bccd718d3c61fd6b74e656347
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c11831e7d9896ae9ea72866df04cd39266caca67164a38f6a3fdb9d18ff58fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
316f5bd2d217c6317978c224cb0439a013cf4f804fcf59dba5e6940fe068c44a
3dc97bfd4622f92d2aa9f4929e8e67db8d9d0c5b9ed759a80a624b332251e706
426c1bda55320cd4df845c4315e1994952de64f5b6604ef182ae6df5602f503b
4b385e7db3694aeb7cd0a49c6827711369f20646b84d5ec61e2530c32135f34e
4b6e3298763285f02328c8490b4e03f6daf39509e112f6ca8d5d1f18cde7d2e0
4fed7f7f7a4c1847670eb9485bacb5f8d6e5956c310f55d3dba875c3b0efd01e
5965f75133ab9034554de9befd349f43869a74475f17683f76b3287e645d6f73
5c2edc71bc19415951824b180b2616e98e5853a2fa0abfd5498e644ace713882
7fc10f00bfc1d2278c6067284b47ca3008f2b17646d0ba06fc17fc7a24bd939d
801e34ac2f093756293cc362095ca93d05e8365cea73ede774f6e7fcf6189098
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
85a55acd31f4c4dcfb6b77b18d949fcea07251dc3bbd1e33e3ef81ff846f3d0f
970e6b9ab1bd0b841d2b07cbffff0f944efadd35f974eee2a7936306a687b988
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bda87135ecff4e5ac0506437178e96450da5617e519bad67cc6435ded970b4f4
e2b1f5e9973a753d488fe7683dc9d4882bee69c910974c50fad0e3e23dbd7510
e326b0511e1ea03e09fd48c4650cd55d3b397f89b348ba347a7f6f1f44cffe08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f25b4001f2c76490288209bb418a304f7fee30276789ad4e5077aacf1499e263
ff765071a09da3b5f70aca0bfab1639f9f2a208c015f7b133560df5005956d8d