URL: https://www.money-gnomes.lat/
Submission: On December 02 via automatic, source certstream-suspicious — Scanned from AT

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 91.240.85.223, located in Moscow, Russian Federation and belongs to RU-JSCIOT, RU. The main domain is www.money-gnomes.lat.
TLS certificate: Issued by R3 on December 2nd 2023. Valid for: 3 months.
This is the only time www.money-gnomes.lat was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 91.240.85.223 29182 (RU-JSCIOT)
1 142.250.186.132 15169 (GOOGLE)
2 188.114.96.3 13335 (CLOUDFLAR...)
1 172.67.165.177 13335 (CLOUDFLAR...)
1 172.67.153.206 13335 (CLOUDFLAR...)
1 142.250.186.35 15169 (GOOGLE)
19 6
Domain Requested by
13 www.money-gnomes.lat www.money-gnomes.lat
2 forgame.icu www.money-gnomes.lat
1 www.gstatic.com www.google.com
1 jungle-money.cc www.money-gnomes.lat
1 golden-miners.cc www.money-gnomes.lat
1 www.google.com www.money-gnomes.lat
19 6

This site contains links to these domains. Also see Links.

Domain
golden-miners.cc
jungle-money.cc
Subject Issuer Validity Valid
money-gnomes.lat
R3
2023-12-02 -
2024-03-01
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
forgame.icu
GTS CA 1P5
2023-11-04 -
2024-02-02
3 months crt.sh
golden-miners.cc
GTS CA 1P5
2023-10-29 -
2024-01-27
3 months crt.sh
jungle-money.cc
GTS CA 1P5
2023-10-25 -
2024-01-23
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.money-gnomes.lat/
Frame ID: EEAC82396AF7F73A30720ACD45A60DA4
Requests: 19 HTTP requests in this frame

Screenshot

Page Title

MONEY-GNOMES.TOP - Заработок на гномах

Detected technologies

Overall confidence: 100%
Detected patterns
  • right\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

1969 kB
Transfer

2322 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.money-gnomes.lat/
18 KB
6 KB
Document
General
Full URL
https://www.money-gnomes.lat/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.240.85.223 Moscow, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
birds-money.biz
Software
nginx/1.20.2 /
Resource Hash
5078b2da5a5c30ddb85b113d5ea4d702bd8d2a38983e5aef5bf24ce58fce3708

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=cp1251
Date
Sat, 02 Dec 2023 14:28:12 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.20.2
Transfer-Encoding
chunked
Vary
Accept-Encoding
style.css
www.money-gnomes.lat/style/
18 KB
4 KB
Stylesheet
General
Full URL
https://www.money-gnomes.lat/style/style.css
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.240.85.223 Moscow, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
birds-money.biz
Software
nginx/1.20.2 /
Resource Hash
870606fb14e62867c96bb9ed43a4417ab35f15881dc4d6d3a29615fc43783d53

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 14:28:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Feb 2021 17:40:24 GMT
Server
nginx/1.20.2
ETag
W/"603a8408-4678"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Sun, 03 Dec 2023 14:28:12 GMT
main.css
www.money-gnomes.lat/style/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.money-gnomes.lat/style/main.css
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.240.85.223 Moscow, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
birds-money.biz
Software
nginx/1.20.2 /
Resource Hash
c5794d8e2d2e3a28a31ec34bace72447acf83fc8e912c8fe00aff3777d955eec

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 14:28:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Feb 2021 19:12:02 GMT
Server
nginx/1.20.2
ETag
W/"603a9982-1da3"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Sun, 03 Dec 2023 14:28:12 GMT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
f0659303d2f8cc563f37abb4b477fe88869f79058080b11dd132baa715b5219b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 14:28:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 02 Dec 2023 14:28:12 GMT
jquery.js
www.money-gnomes.lat/js/
56 KB
20 KB
Script
General
Full URL
https://www.money-gnomes.lat/js/jquery.js
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.240.85.223 Moscow, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
birds-money.biz
Software
nginx/1.20.2 /
Resource Hash
a317676ff0cfa0e6123253ef1a6714d259e55d03a9ef37968dbb64cd72274bfd

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 14:28:12 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Feb 2021 05:26:42 GMT
Server
nginx/1.20.2
ETag
W/"6028b492-dfca"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Sun, 03 Dec 2023 14:28:12 GMT
functions.js
www.money-gnomes.lat/js/
1 KB
821 B
Script
General
Full URL
https://www.money-gnomes.lat/js/functions.js
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.240.85.223 Moscow, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
birds-money.biz
Software
nginx/1.20.2 /
Resource Hash
553d8fb3b48c9115f9a1194b95f35c07f283ae6e8e42a49d1bb52af4a71747e8

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 14:28:12 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Feb 2021 05:26:42 GMT
Server
nginx/1.20.2
ETag
W/"6028b492-512"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Sun, 03 Dec 2023 14:28:12 GMT
fon4.jpg
www.money-gnomes.lat/img/
408 KB
408 KB
Image
General
Full URL
https://www.money-gnomes.lat/img/fon4.jpg
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.240.85.223 Moscow, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
birds-money.biz
Software
nginx/1.20.2 /
Resource Hash
c6e21c19e39db6817919e0e5c961b11e595c77f892c7a14e96d07b0dc4ee38b1

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 14:28:12 GMT
Last-Modified
Sun, 28 Feb 2021 14:31:22 GMT
Server
nginx/1.20.2
ETag
"603ba93a-66037"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
417847
Expires
Sun, 03 Dec 2023 14:28:12 GMT
head_banners_left.js
forgame.icu/
6 KB
1 KB
Script
General
Full URL
https://forgame.icu/head_banners_left.js
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf14deb3c393b064e2c013f7809926c275cfff15c41fba9e94e1642ecd7ad37e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 14:28:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 18:01:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
78243
etag
W/"65662b00-16f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfbP%2Bntj0NfFefl7Ypl9hXA8lGu9qvIiI0My%2BdhcDs%2BI2WFsWeQj8YgURl2zUxm%2BhtobfhNxlWiGJ54z3A4itB40OfkGqo8qIAQV7H5Xzh7GGmZGGIqX1Q30FxN3bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
82f4414ab82cc273-VIE
alt-svc
h3=":443"; ma=86400
expires
Sat, 02 Dec 2023 16:44:09 GMT
head_banners_right.js
forgame.icu/
6 KB
1 KB
Script
General
Full URL
https://forgame.icu/head_banners_right.js
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bb7667f1bc6ad8acae619063e3ca27fc52ce9c4e17f4beb7452e22404a5b866

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 14:28:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 18:01:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
84932
etag
W/"65662b0a-170b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcWSASYFESNEBfFItlzn4VjB%2FBbgogxODqiQKGt581g9sEuylotajpzB%2BgpTJTNg4Yj66cKI%2F7CxxMDDzMxOUisshf4C%2FSUpTfo2s%2BgqQP2ycnR6NouEGTC6Fm%2FeLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
82f4414ae867c273-VIE
alt-svc
h3=":443"; ma=86400
expires
Sat, 02 Dec 2023 14:52:40 GMT
gift-1.png
www.money-gnomes.lat/img/
89 KB
90 KB
Image
General
Full URL
https://www.money-gnomes.lat/img/gift-1.png
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.240.85.223 Moscow, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
birds-money.biz
Software
nginx/1.20.2 /
Resource Hash
0559c1c5d296f0f7d363844c80107c556b8c20acf00435c39d6e9740ced9811e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 14:28:12 GMT
Last-Modified
Sat, 27 Feb 2021 16:21:28 GMT
Server
nginx/1.20.2
ETag
"603a7188-165b3"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91571
Expires
Sun, 03 Dec 2023 14:28:12 GMT
1.png
www.money-gnomes.lat/img/fruit/
239 KB
239 KB
Image
General
Full URL
https://www.money-gnomes.lat/img/fruit/1.png
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.240.85.223 Moscow, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
birds-money.biz
Software
nginx/1.20.2 /
Resource Hash
8988d8e99fe7bc0138fd404afadea3665f3b442a614cee8b796c3f771f0758f2

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 14:28:12 GMT
Last-Modified
Sat, 27 Feb 2021 19:08:52 GMT
Server
nginx/1.20.2
ETag
"603a98c4-3bb56"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
244566
Expires
Sun, 03 Dec 2023 14:28:12 GMT
2.png
www.money-gnomes.lat/img/fruit/
189 KB
189 KB
Image
General
Full URL
https://www.money-gnomes.lat/img/fruit/2.png
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.240.85.223 Moscow, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
birds-money.biz
Software
nginx/1.20.2 /
Resource Hash
b40c07e7500eddaab1e94ef919fe26307cf8f79574eec1788cb207a969219963

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 14:28:12 GMT
Last-Modified
Sat, 27 Feb 2021 19:09:10 GMT
Server
nginx/1.20.2
ETag
"603a98d6-2f2a0"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
193184
Expires
Sun, 03 Dec 2023 14:28:12 GMT
3.png
www.money-gnomes.lat/img/fruit/
216 KB
216 KB
Image
General
Full URL
https://www.money-gnomes.lat/img/fruit/3.png
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.240.85.223 Moscow, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
birds-money.biz
Software
nginx/1.20.2 /
Resource Hash
719eac97f8acf6036615fd353b77f755e26d05e7f443942d2fccec6057286f5e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 14:28:12 GMT
Last-Modified
Sat, 27 Feb 2021 19:09:34 GMT
Server
nginx/1.20.2
ETag
"603a98ee-35e5d"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
220765
Expires
Sun, 03 Dec 2023 14:28:12 GMT
4.png
www.money-gnomes.lat/img/fruit/
246 KB
246 KB
Image
General
Full URL
https://www.money-gnomes.lat/img/fruit/4.png
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.240.85.223 Moscow, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
birds-money.biz
Software
nginx/1.20.2 /
Resource Hash
3805298dc560ecb4603791b5e20b01e4e5469c3fd6b1499b334c0cf2c56ec84b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 14:28:12 GMT
Last-Modified
Sat, 27 Feb 2021 19:09:46 GMT
Server
nginx/1.20.2
ETag
"603a98fa-3d820"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
251936
Expires
Sun, 03 Dec 2023 14:28:12 GMT
5.png
www.money-gnomes.lat/img/fruit/
190 KB
190 KB
Image
General
Full URL
https://www.money-gnomes.lat/img/fruit/5.png
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.240.85.223 Moscow, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
birds-money.biz
Software
nginx/1.20.2 /
Resource Hash
a98af5710cacb974b792d3c937b526a4523a0724a3d97b9bf428d489ac77c0a1

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 14:28:12 GMT
Last-Modified
Sat, 27 Feb 2021 19:09:58 GMT
Server
nginx/1.20.2
ETag
"603a9906-2f70c"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
194316
Expires
Sun, 03 Dec 2023 14:28:12 GMT
fon2.png
www.money-gnomes.lat/img/
73 KB
73 KB
Image
General
Full URL
https://www.money-gnomes.lat/img/fon2.png
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.240.85.223 Moscow, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
birds-money.biz
Software
nginx/1.20.2 /
Resource Hash
00c64f4760a3c9430696d24a9963ed027791f951a5fd18dca21ad32505b77f1d

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 14:28:13 GMT
Last-Modified
Sat, 27 Feb 2021 17:24:58 GMT
Server
nginx/1.20.2
ETag
"603a806a-12341"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74561
Expires
Sun, 03 Dec 2023 14:28:13 GMT
468x60.jpg
golden-miners.cc/img/
48 KB
49 KB
Image
General
Full URL
https://golden-miners.cc/img/468x60.jpg
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.165.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7fcf091e36fbb56f9ef31d8678006a2f2ae42c71c850906b5764caf2615f328

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 14:28:13 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 21:42:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60b55842-c1a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyLGPp%2Bc1RavmRL1K%2B1yqZxoYDBDzatrasrtQ2Gq0ZyNRjouyx9ohRWoBuA6Xi8Haxvze8bkGZxRq6I0UaTZcyPU3DxgWuYT6ZawpULKQgKps8Bl5cx%2FWalhOiuYBVcC4hr0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
82f4414cbac33255-VIE
alt-svc
h3=":443"; ma=86400
content-length
49577
expires
Sun, 03 Dec 2023 14:28:13 GMT
468x60.jpg
jungle-money.cc/img/
43 KB
44 KB
Image
General
Full URL
https://jungle-money.cc/img/468x60.jpg
Requested by
Host: www.money-gnomes.lat
URL: https://www.money-gnomes.lat/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.153.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1058a2f7a2053947ee4dd9125d40ec7a7ffa61308042c7175510c63a735756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.money-gnomes.lat/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 14:28:14 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
43977
last-modified
Mon, 04 Jan 2021 21:50:54 GMT
server
cloudflare
etag
"5ff38dbe-abc9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1Zp0EGEYa5hH4JeMCwmocgaqN%2FEgQHutu8lRtv%2FnGfR0KcOol%2FlVPm5hDZQoeGHI8TlJBPlKhuBs%2FKB8CoU%2Fk2zsKjV0YJElyTG8%2FgF0GQDHuX2KrDtJYUyxA29%2F%2BVNl04%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
82f4414cbe845b12-VIE
expires
Sun, 03 Dec 2023 14:28:13 GMT
recaptcha__de_at.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/
468 KB
188 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_at.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
40cdc696ba835163b88d3501e605be2ec6e19978c28a3bd5bb1eac45d1c6715e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.money-gnomes.lat/
Origin
https://www.money-gnomes.lat
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 07:21:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192024
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Dec 2024 07:21:19 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| ResetCaptcha function| GetSumPer string| valuta function| SetVal function| PaymentSum number| a object| image number| b object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

1 Cookies

Domain/Path Name / Value
www.money-gnomes.lat/ Name: PHPSESSID
Value: 1tt77151uqprf9hlmr1uoncds1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

forgame.icu
golden-miners.cc
jungle-money.cc
www.google.com
www.gstatic.com
www.money-gnomes.lat
142.250.186.132
142.250.186.35
172.67.153.206
172.67.165.177
188.114.96.3
91.240.85.223
00c64f4760a3c9430696d24a9963ed027791f951a5fd18dca21ad32505b77f1d
0559c1c5d296f0f7d363844c80107c556b8c20acf00435c39d6e9740ced9811e
2bb7667f1bc6ad8acae619063e3ca27fc52ce9c4e17f4beb7452e22404a5b866
3805298dc560ecb4603791b5e20b01e4e5469c3fd6b1499b334c0cf2c56ec84b
3c1058a2f7a2053947ee4dd9125d40ec7a7ffa61308042c7175510c63a735756
40cdc696ba835163b88d3501e605be2ec6e19978c28a3bd5bb1eac45d1c6715e
5078b2da5a5c30ddb85b113d5ea4d702bd8d2a38983e5aef5bf24ce58fce3708
553d8fb3b48c9115f9a1194b95f35c07f283ae6e8e42a49d1bb52af4a71747e8
719eac97f8acf6036615fd353b77f755e26d05e7f443942d2fccec6057286f5e
870606fb14e62867c96bb9ed43a4417ab35f15881dc4d6d3a29615fc43783d53
8988d8e99fe7bc0138fd404afadea3665f3b442a614cee8b796c3f771f0758f2
a317676ff0cfa0e6123253ef1a6714d259e55d03a9ef37968dbb64cd72274bfd
a98af5710cacb974b792d3c937b526a4523a0724a3d97b9bf428d489ac77c0a1
b40c07e7500eddaab1e94ef919fe26307cf8f79574eec1788cb207a969219963
bf14deb3c393b064e2c013f7809926c275cfff15c41fba9e94e1642ecd7ad37e
c5794d8e2d2e3a28a31ec34bace72447acf83fc8e912c8fe00aff3777d955eec
c6e21c19e39db6817919e0e5c961b11e595c77f892c7a14e96d07b0dc4ee38b1
f0659303d2f8cc563f37abb4b477fe88869f79058080b11dd132baa715b5219b
f7fcf091e36fbb56f9ef31d8678006a2f2ae42c71c850906b5764caf2615f328