urlscan.io logo urlscan.io
SecurityTrails logo

moneyfarmingeu.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://moneyfarmingeu.com/
Submission: On August 07 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is moneyfarmingeu.com.
TLS certificate: Issued by GTS CA 1P5 on August 7th 2023. Valid for: 3 months.
This is the only time moneyfarmingeu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 4
Apex Domain
Subdomains		 Transfer
5 hell-leads.win
hell-leads.win
69 KB
1 gstatic.com
fonts.gstatic.com
689 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
2 KB
1 moneyfarmingeu.com
moneyfarmingeu.com
2 KB
8 4
Domain Requested by
5 hell-leads.win moneyfarmingeu.com
hell-leads.win
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com hell-leads.win
1 moneyfarmingeu.com
8 4

This site contains no links.

Subject Issuer Validity Valid
moneyfarmingeu.com
GTS CA 1P5		 2023-08-07 -
2023-11-05		 3 months crt.sh
hell-leads.win
GTS CA 1P5		 2023-07-12 -
2023-10-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://moneyfarmingeu.com/
Frame ID: 501500DB494AD6A67731CCC61F16EF44
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Offer

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

8
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

763 kB
Transfer

933 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
moneyfarmingeu.com/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moneyfarmingeu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa127e85672665cdbf760ffcfcac48653ef31519398771e84a5c74cc12414c93

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f336aa7cd4eb7a3-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 23:49:31 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMXEeAW%2FzYchfvZB%2BQq3w77tT8Z%2BtKU4Ksily2ca6PkWMGbUWhyQwylImha2lXqpjHYOCk81L2KEdZ%2F%2F5NG3AIxm2ucmFOYkpVDCj9Q1pqpEoSfkBNLeERZ%2FjKXTACcniyucA18oY20KeWDRVUcV61M%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
valid.css
hell-leads.win/validation/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hell-leads.win/validation/valid.css
Requested by
Host: moneyfarmingeu.com
URL: https://moneyfarmingeu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d94d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c6686d1fd249792aaff42267e52bfc8a6fdc73d0066df0b4b2656f0b6ba4f9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moneyfarmingeu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 23:49:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Apr 2023 08:24:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6437bc41-639"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72uglleRnJfJuPLbE7thXoprFKOmwKH8bpA2%2BMIIQMkISLyvl6Ipbx7r2uA2I17tcqECv3m3eWT0zSoZ8UWJDh6xG0iKEKhp5im%2BwUVIA4d%2F0WesmdzdCi63FMXxm1SDuEQ49ZXH5rUyTyh%2BAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7f336aa8bbbdb7f1-AMS
alt-svc
h3=":443"; ma=86400
valid.js
hell-leads.win/validation/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hell-leads.win/validation/valid.js
Requested by
Host: moneyfarmingeu.com
URL: https://moneyfarmingeu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d94d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
549878fc0f529c0cf60a86665a49107bb30c4b0f78c4ba6ddf97cebbfaa0303f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moneyfarmingeu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 23:49:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 31 May 2023 15:11:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"647763a7-498f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PR%2FJsSHrCiHAl5W6m2LjXFBLaxHS1ICaiohWSC7CvL%2FpXFtkStMgHNIbzWkonyIFLqMqGiCznuG3v3naRXr%2FbwH52xr72LoT6FQ2dijubRz6rZzFEiaGUyWD8iSTfiDTzqzqgICo9GKC3jtM1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
7f336aa8bbc0b7f1-AMS
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Color+Emoji&display=swap
Requested by
Host: hell-leads.win
URL: https://hell-leads.win/validation/valid.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d57499b4f4bb05c6417b948379919afaf514dee36dde70f7f3cbb663bb1263c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hell-leads.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Aug 2023 23:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 21:55:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Aug 2023 23:49:31 GMT
/
hell-leads.win/ip/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hell-leads.win/ip/
Requested by
Host: hell-leads.win
URL: https://hell-leads.win/validation/valid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d94d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.8
Resource Hash
4797b505068e2b05029daec877a3419177da121ef4ed4d1230c6132e46bef5c1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moneyfarmingeu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 23:49:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bao35YFr2bXjMnVSCEIDuSS0wC3EDuVZeGya8YSQZKY2r5b1LsWCoh62GF3mDxwaLVZegx3BO1WF8cNIDs5OZ5qIC%2BR7zf5nZFBb3X8568i5cdhKnt9X0yj6418wiLRjVDdHZe64XmIFXSX7aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf8
access-control-allow-origin
*
cf-ray
7f336aab0e181c8d-AMS
alt-svc
h3=":443"; ma=86400
libphonenumber-max.js
hell-leads.win/validation/ 		207 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hell-leads.win/validation/libphonenumber-max.js
Requested by
Host: hell-leads.win
URL: https://hell-leads.win/validation/valid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d94d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b2638a8273dc5ba4dc5f94d58d679fcbc2f70f3cf830f11a32ef03dd7c158e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moneyfarmingeu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 23:49:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Apr 2023 10:53:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6437df2f-33dcb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyB79Aaf7Iz0OFu8%2Bht7Il%2FWgWH1VL5ZxNOUEbQ4oTHCuBYRnNsPgNTjsOXhU%2Bcz95G8E6rJYlSMFm34evxnWBnrthaMkHJdzr7edLX%2F%2Bq%2B1zRvp4hAcloigaRa8C6LYdpABiLzRp6YAA%2FWbXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
7f336aac1db7b7f1-AMS
alt-svc
h3=":443"; ma=86400
examples.mobile.json
hell-leads.win/validation/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hell-leads.win/validation/examples.mobile.json
Requested by
Host: hell-leads.win
URL: https://hell-leads.win/validation/valid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d94d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca48a3df1d55d0a16dbccc7c1ed89ac4a604a1fbb5825db8ee1947798b74a8f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moneyfarmingeu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 23:49:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 13 Apr 2023 10:51:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6437de9c-fdd"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBw5BGcGrdiaqfGjw2ltclvNMbkzkAeomUf1KagdWcrfzVTqSehpfadIkFT70Fz1rLgD0Lge6ELmla5okcv7%2FmS9HpuFW4W6jVxdwR%2BLGvHhA8Ce4xhdG%2BsrfRkm%2FiKcuE73ZyS8%2FrqKAyUoXw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json
cf-ray
7f336aadbf83b92c-AMS
alt-svc
h3=":443"; ma=86400
Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.0.woff2
fonts.gstatic.com/s/notocoloremoji/v25/ 		688 KB
689 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notocoloremoji/v25/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Color+Emoji&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3046f8882510b58453a1b2fc5c296a46834b39daff4854c9115a387cf8d40114
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://moneyfarmingeu.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 21:55:05 GMT
x-content-type-options
nosniff
age
179667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
704380
x-xss-protection
0
last-modified
Tue, 30 May 2023 20:53:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 21:55:05 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| setCC function| openCodeSelect undefined| gtag object| libphonenumber

3 Cookies

Domain/Path Name / Value
moneyfarmingeu.com/ Name: _subid
Value: 3jr3qu51q8r4
moneyfarmingeu.com/ Name: c8c12
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MTE5XCI6MTY5MTQ1MjE3MX0sXCJjYW1wYWlnbnNcIjp7XCIzOTUxXCI6MTY5MTQ1MjE3MX0sXCJ0aW1lXCI6MTY5MTQ1MjE3MX0ifQ.NlIWGqYC5Rv4eRbQUUAzNigy5K8KXCktxv_VHXPIbj0
moneyfarmingeu.com/ Name: _token
Value: uuid_3jr3qu51q8r4_3jr3qu51q8r464d1830b7a4724.90482198