Submitted URL: http://thunda.co/block
Effective URL: https://jokefaucet.com/
Submission Tags: falconsandbox
Submission: On September 20 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 5 countries across 10 domains to perform 18 HTTP transactions. The main IP is 185.158.248.97, located in Voluntari, Romania and belongs to M247, GB. The main domain is jokefaucet.com.
TLS certificate: Issued by R3 on July 31st 2021. Valid for: 3 months.
This is the only time jokefaucet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2600:3c02::f0... 63949 (LINODE-AP...)
1 1 198.134.116.30 27257 (WEBAIR-IN...)
3 3 213.227.135.229 60781 (LEASEWEB-...)
1 144.76.102.187 24940 (HETZNER-AS)
1 104.21.80.230 13335 (CLOUDFLAR...)
1 172.67.171.70 13335 (CLOUDFLAR...)
1 2 54.236.207.160 14618 (AMAZON-AES)
1 3 185.158.248.97 9009 (M247)
1 9 104.16.168.131 13335 (CLOUDFLAR...)
2 78.46.33.196 24940 (HETZNER-AS)
18 9
Domain Requested by
6 newassets.hcaptcha.com jokefaucet.com
hcaptcha.com
newassets.hcaptcha.com
3 hcaptcha.com 1 redirects newassets.hcaptcha.com
3 jokefaucet.com 1 redirects p.asce.xyz
jokefaucet.com
3 biggerpicture.g2afse.com 3 redirects
2 p.asce.xyz 1 redirects poqueras.com
2 thunda.co thunda.co
1 static.a-ads.com ad.a-ads.com
1 ad.a-ads.com jokefaucet.com
1 poqueras.com bercioles.com
1 bercioles.com armr.trckswrm.com
1 armr.trckswrm.com thunda.co
1 click.expmediadirect1.com 1 redirects
18 12

This site contains links to these domains.

Domain
smoll.fun
onlinetools.monster
lokio.xyz

Subject | Issuer | Validity | Valid
armr.trckswrm.com | R3 | 2021-07-17 - 2021-10-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-11-10 - 2021-11-09 | a year
jokefaucet.com | R3 | 2021-07-31 - 2021-10-29 | 3 months
*.a-ads.com | Sectigo ECC Domain Validation Secure Server CA | 2020-12-02 - 2022-01-02 | a year

This page contains 4 frames:

Primary Page: https://jokefaucet.com/
Frame ID: E2045DDF39F10CAD736B5D8DCDFF059B
Requests: 9 HTTP requests in this frame

Frame: https://ad.a-ads.com/1608337?size=160x600
Frame ID: B1EEFF4D914D5F7A051393ADB9000CF2
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-challenge.html
Frame ID: C2C5381A0822103CAD20624DB426F83C
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-checkbox.html
Frame ID: 9CABBEE32B302E23801BCD9BDF5034F5
Requests: 4 HTTP requests in this frame

Page Title

Joke Faucet - leaking new jokes every day

Page Statistics

Requests: 18
HTTPS: 78 %
IPv6: 10 %
Domains: 10
Subdomains: 12
IPs: 9
Countries: 5
Transfer: 1164 kB
Size: 2004 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thunda.co/block Page URL
  2. http://thunda.co/page/bouncy.php?&bpae=Gbh%2Bdq0Gokx7j3NUZsZyfvwsLSZ9Jis92ncIYT0TxPv6zALrHxfLiNjVmllzfbm9%2Bvt%2Fa8PohGJw2pdIbXdwQi5AwFN6Px85k1%2F5rUPQnk9uQUZArMZQ91IhlfswjX8lvc91DdLHSbCFhTWNgkFMbS9G7Wrriv7%2BBL1KrxhSgPL%2Fd7FI1KZoQwNi1ifNjgNTNDpfEaHTRiRf5HQSdsEYKZxwRElSBs3u%2F387yegOIAPs2VJKPv2zjoiLDUZwIQF5%2FHYzv0rJ7MPhtQZaveEtrt6jX8A0mFdECu4ypwSS1Lf8Ty7sYQR%2FGYgZhvQyZecBRJWY%2BrLbQ2mc4wedqs29rihpuDzbGMquXYB%2B44ChttfVYC%2BHlHstaRFzCpcIOx1FHPreessx4ScbNU7enR23DoWdj3TsXtQs&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. http://click.expmediadirect1.com/click?i=KEOAQg6la3c_0 HTTP 302
    http://biggerpicture.g2afse.com/sl?id=5dca95883bf47917e8f2530d&pid=112&sub5=[conversion]&sub1=[source] HTTP 302
    https://biggerpicture.g2afse.com/sl?id=5dca95883bf47917e8f2530d&pid=112&sub5=[conversion]&sub1=[source] HTTP 302
    https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 HTTP 302
    https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 Page URL
  4. http://bercioles.com/redirect?id=82&auth=82ead305c138eb8fefc6187658dc9b5e4d67d425&sid=154&clk=Am8pFMEAAAF8AS1YfgAAAlEAAACaAAABMg Page URL
  5. https://poqueras.com/noid/slope?lame=2H9bknzlz6BNNCcn10k5gQ%3D%3D Page URL
  6. http://p.asce.xyz/go/216668/575137?wnw=false Page URL
  7. http://p.asce.xyz/ad/ad?p=216668&w=575137&t=c5ea65966ac37cf6&r=aHR0cHMlM0ElMkYlMkZwb3F1ZXJhcy5jb20lMkY=&vw=1600&vh=1200 HTTP 303
    https://jokefaucet.com/?cp=19833 HTTP 302
    https://jokefaucet.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://click.expmediadirect1.com/click?i=KEOAQg6la3c_0 HTTP 302
  • http://biggerpicture.g2afse.com/sl?id=5dca95883bf47917e8f2530d&pid=112&sub5=[conversion]&sub1=[source] HTTP 302
  • https://biggerpicture.g2afse.com/sl?id=5dca95883bf47917e8f2530d&pid=112&sub5=[conversion]&sub1=[source] HTTP 302
  • https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 HTTP 302
  • https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154
Request Chain 7
  • https://hcaptcha.com/1/api.js HTTP 302
  • https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
block
thunda.co/
2 KB
2 KB
Document
General
Full URL
http://thunda.co/block
Protocol
HTTP/1.1
Server
2600:3c02::f03c:91ff:fee2:5b0f Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash

Request headers

Host
thunda.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 20 Sep 2021 03:08:40 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
X-Powered-By
PHP/5.5.38
Content-Length
1966
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
bouncy.php
thunda.co/page/
688 B
948 B
Document
General
Full URL
http://thunda.co/page/bouncy.php?&bpae=Gbh%2Bdq0Gokx7j3NUZsZyfvwsLSZ9Jis92ncIYT0TxPv6zALrHxfLiNjVmllzfbm9%2Bvt%2Fa8PohGJw2pdIbXdwQi5AwFN6Px85k1%2F5rUPQnk9uQUZArMZQ91IhlfswjX8lvc91DdLHSbCFhTWNgkFMbS9G7Wrriv7%2BBL1KrxhSgPL%2Fd7FI1KZoQwNi1ifNjgNTNDpfEaHTRiRf5HQSdsEYKZxwRElSBs3u%2F387yegOIAPs2VJKPv2zjoiLDUZwIQF5%2FHYzv0rJ7MPhtQZaveEtrt6jX8A0mFdECu4ypwSS1Lf8Ty7sYQR%2FGYgZhvQyZecBRJWY%2BrLbQ2mc4wedqs29rihpuDzbGMquXYB%2B44ChttfVYC%2BHlHstaRFzCpcIOx1FHPreessx4ScbNU7enR23DoWdj3TsXtQs&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: thunda.co
URL: http://thunda.co/block
Protocol
HTTP/1.1
Server
2600:3c02::f03c:91ff:fee2:5b0f Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash

Request headers

Host
thunda.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://thunda.co/block
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 20 Sep 2021 03:08:40 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
X-Powered-By
PHP/5.5.38
Content-Length
688
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
recommendation
armr.trckswrm.com/
Redirect Chain
  • http://click.expmediadirect1.com/click?i=KEOAQg6la3c_0
  • http://biggerpicture.g2afse.com/sl?id=5dca95883bf47917e8f2530d&pid=112&sub5=[conversion]&sub1=[source]
  • https://biggerpicture.g2afse.com/sl?id=5dca95883bf47917e8f2530d&pid=112&sub5=[conversion]&sub1=[source]
  • https://biggerpicture.g2afse.com/click?pid=1&offer_id=188
  • https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154
211 B
288 B
Document
General
Full URL
https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154
Requested by
Host: thunda.co
URL: http://thunda.co/page/bouncy.php?&bpae=Gbh%2Bdq0Gokx7j3NUZsZyfvwsLSZ9Jis92ncIYT0TxPv6zALrHxfLiNjVmllzfbm9%2Bvt%2Fa8PohGJw2pdIbXdwQi5AwFN6Px85k1%2F5rUPQnk9uQUZArMZQ91IhlfswjX8lvc91DdLHSbCFhTWNgkFMbS9G7Wrriv7%2BBL1KrxhSgPL%2Fd7FI1KZoQwNi1ifNjgNTNDpfEaHTRiRf5HQSdsEYKZxwRElSBs3u%2F387yegOIAPs2VJKPv2zjoiLDUZwIQF5%2FHYzv0rJ7MPhtQZaveEtrt6jX8A0mFdECu4ypwSS1Lf8Ty7sYQR%2FGYgZhvQyZecBRJWY%2BrLbQ2mc4wedqs29rihpuDzbGMquXYB%2B44ChttfVYC%2BHlHstaRFzCpcIOx1FHPreessx4ScbNU7enR23DoWdj3TsXtQs&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.76.102.187 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.187.102.76.144.clients.your-server.de
Software
/
Resource Hash

Request headers

Host
armr.trckswrm.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://thunda.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://thunda.co/page/bouncy.php?&bpae=Gbh%2Bdq0Gokx7j3NUZsZyfvwsLSZ9Jis92ncIYT0TxPv6zALrHxfLiNjVmllzfbm9%2Bvt%2Fa8PohGJw2pdIbXdwQi5AwFN6Px85k1%2F5rUPQnk9uQUZArMZQ91IhlfswjX8lvc91DdLHSbCFhTWNgkFMbS9G7Wrriv7%2BBL1KrxhSgPL%2Fd7FI1KZoQwNi1ifNjgNTNDpfEaHTRiRf5HQSdsEYKZxwRElSBs3u%2F387yegOIAPs2VJKPv2zjoiLDUZwIQF5%2FHYzv0rJ7MPhtQZaveEtrt6jX8A0mFdECu4ypwSS1Lf8Ty7sYQR%2FGYgZhvQyZecBRJWY%2BrLbQ2mc4wedqs29rihpuDzbGMquXYB%2B44ChttfVYC%2BHlHstaRFzCpcIOx1FHPreessx4ScbNU7enR23DoWdj3TsXtQs&redirectType=js&inIframe=false&inPopUp=false

Response headers

content-length
211
date
Mon, 20 Sep 2021 03:08:41 GMT

Redirect headers

server
nginx
date
Mon, 20 Sep 2021 03:08:41 GMT
content-length
0
location
https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154
set-cookie
afclick=6147fb39b1e33300012fcfbe; expires=Tue, 20 Sep 2022 03:08:41 GMT; secure; SameSite=None afoffers={"188":1632107321}; expires=Tue, 20 Sep 2022 03:08:41 GMT; secure; SameSite=None
access-control-allow-origin
*
redirect
bercioles.com/
1 KB
1 KB
Document
General
Full URL
http://bercioles.com/redirect?id=82&auth=82ead305c138eb8fefc6187658dc9b5e4d67d425&sid=154&clk=Am8pFMEAAAF8AS1YfgAAAlEAAACaAAABMg
Requested by
Host: armr.trckswrm.com
URL: https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154
Protocol
HTTP/1.1
Server
104.21.80.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a4b4c997a64b0f4d8e05774ee9c0cad7734e938d725a87ca07f326ad23bc1a

Request headers

Host
bercioles.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 20 Sep 2021 03:08:41 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
referrer-policy
origin
vary
accept-encoding
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6qTQFEgG2yPpVUIr8RtMp1%2BS%2BymYGEIIRSv5SZAMQk8V45Ql13vgvwiDsu0iJhAuy4PuUXlLc9Sebn3NJStGFvf%2FdmtIJpZ0RQuz2bbGNQnKKIPIGqwCBhQFEKFkQJ3"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6917d9c7a9960834-CDG
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
slope
poqueras.com/noid/
1 KB
1 KB
Document
General
Full URL
https://poqueras.com/noid/slope?lame=2H9bknzlz6BNNCcn10k5gQ%3D%3D
Requested by
Host: bercioles.com
URL: http://bercioles.com/redirect?id=82&auth=82ead305c138eb8fefc6187658dc9b5e4d67d425&sid=154&clk=Am8pFMEAAAF8AS1YfgAAAlEAAACaAAABMg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
poqueras.com
:scheme
https
:path
/noid/slope?lame=2H9bknzlz6BNNCcn10k5gQ%3D%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://bercioles.com/
accept-encoding
gzip, deflate, br

Response headers

date
Mon, 20 Sep 2021 03:08:41 GMT
content-type
text/html;charset=ISO-8859-1
referrer-policy
origin
cache-control
no-store, no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdJLHCxOuEcCxHteGPWDVu0gCSLpL90Bz57ENxJq2YSOyoV%2F5EufJNJ2DfiVZc3lvDKK0pShF5dc3yMtktEw7GoeHJ2qo6Mk7jDbwnsk%2F0er0TTFj7u%2FOnyRBMs56gI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6917d9c9cafd3b7f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
575137
p.asce.xyz/go/216668/
466 B
494 B
Document
General
Full URL
http://p.asce.xyz/go/216668/575137?wnw=false
Requested by
Host: poqueras.com
URL: https://poqueras.com/noid/slope?lame=2H9bknzlz6BNNCcn10k5gQ%3D%3D
Protocol
HTTP/1.1
Server
54.236.207.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-207-160.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3e8eef1799c3bafc1c9d61221c71f7f89cf1bd0e36c0c6351fc3e1e1acd62826

Request headers

Host
p.asce.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
https://poqueras.com/
Accept-Encoding
gzip, deflate

Response headers

Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 20 Sep 2021 03:08:42 GMT
Server
nginx
Vary
Accept-Encoding
Content-Length
306
Connection
keep-alive
Primary Request /
jokefaucet.com/
Redirect Chain
  • http://p.asce.xyz/ad/ad?p=216668&w=575137&t=c5ea65966ac37cf6&r=aHR0cHMlM0ElMkYlMkZwb3F1ZXJhcy5jb20lMkY=&vw=1600&vh=1200
  • https://jokefaucet.com/?cp=19833
  • https://jokefaucet.com/
11 KB
5 KB
Document
General
Full URL
https://jokefaucet.com/
Requested by
Host: p.asce.xyz
URL: http://p.asce.xyz/go/216668/575137?wnw=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.158.248.97 Voluntari, Romania, ASN9009 (M247, GB),
Reverse DNS
vdrt.dswohg.com
Software
nginx/1.14.2 /
Resource Hash
669c00972143e77afe1b05e169de31464fb5b983b5ea9fa8a172d223b26f2424

Request headers

Host
jokefaucet.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://p.asce.xyz/
Accept-Encoding
gzip, deflate, br
Cookie
PHPSESSID=53ho7v74d60jau3m8n069tfiqp; r=19833
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://p.asce.xyz/go/216668/575137?wnw=false

Response headers

Server
nginx/1.14.2
Date
Mon, 20 Sep 2021 03:08:42 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Server
nginx/1.14.2
Date
Mon, 20 Sep 2021 03:08:42 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
PHPSESSID=53ho7v74d60jau3m8n069tfiqp; path=/ r=19833; expires=Wed, 20-Oct-2021 03:08:42 GMT; Max-Age=2592000; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://jokefaucet.com
jokefaucet.gif
jokefaucet.com/
4 KB
5 KB
Image
General
Full URL
https://jokefaucet.com/jokefaucet.gif
Requested by
Host: jokefaucet.com
URL: https://jokefaucet.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.158.248.97 Voluntari, Romania, ASN9009 (M247, GB),
Reverse DNS
vdrt.dswohg.com
Software
nginx/1.14.2 /
Resource Hash
d49ac2252725e0696300fa10e23f6153b78e81ccb3c29859878cd7512968b034

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
jokefaucet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://jokefaucet.com/
Cookie
PHPSESSID=53ho7v74d60jau3m8n069tfiqp; r=19833
Connection
keep-alive

Response headers

Date
Mon, 20 Sep 2021 03:08:42 GMT
Last-Modified
Fri, 02 Apr 2021 18:37:04 GMT
Server
nginx/1.14.2
ETag
"60676450-11b5"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4533
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/2ebd8c0/
Redirect Chain
  • https://hcaptcha.com/1/api.js
  • https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js
84 KB
27 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js
Requested by
Host: jokefaucet.com
URL: https://jokefaucet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d85d63b65c54797ae0d01e6c4118cfc89bf38d03feae40eae319f8c6951d5a4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jokefaucet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 03:08:42 GMT
via
1.1 6d865250c628e9708a223a07778aa5b8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
378264
cf-polished
origSize=86505
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 15 Sep 2021 18:03:43 GMT
server
cloudflare
etag
W/"0b1744fbfa0727636ebe11666fed1e39"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
CDG52-P1
cf-ray
6917d9cf29dd3a23-CDG
x-amz-cf-id
s4GVRI9KEeNU7FbU17VcG_ITHbCcauoWdKsvUS7pAmsPXJnM01hOjQ==
cf-bgj
minify

Redirect headers

date
Mon, 20 Sep 2021 03:08:42 GMT
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
6917d9ced9b43a23-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
1608337
ad.a-ads.com/ Frame B1EE
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1608337?size=160x600
Requested by
Host: jokefaucet.com
URL: https://jokefaucet.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.33.196 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.33.46.78.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
e559e8e944d6bf35ab0625481e0e0a5c41cd83944bbb915100d4ac3e9aca6a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://jokefaucet.com/
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 20 Sep 2021 03:08:42 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://jokefaucet.com/
Content-Encoding
gzip
160x600
static.a-ads.com/a-ads-banners/118227/ Frame B1EE
689 KB
690 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/118227/160x600?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1608337?size=160x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.33.196 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.33.46.78.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
42f27d2f859e661bf8814f9dbc2ed32dcb351b5ca6218d81286837e5ca58be9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 20 Sep 2021 03:08:42 GMT
Last-Modified
Sun, 26 Apr 2020 07:21:07 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
ESD1MRGF7BZACESX
ETag
"8c596fcf4e7e9b1c0337a9c020ce3823"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
705872
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
rr5_nGh8uQGwGjEfz_gFLT.XmIxLpu65
x-amz-id-2
axfvT3saJatRG6UOQLut4K/Ogt33ctBmP9gDeZ28QCm3wvr6kZEOVRncczxNCm8dhghWsyktZbI=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame B1EE
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
hcaptcha-challenge.html
newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/ Frame C2C5
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-challenge.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abc74097189feb2901ef6d2e9a24098ea132ae0c35ea2ded270f96b0458868ac
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
newassets.hcaptcha.com
:scheme
https
:path
/captcha/v1/2ebd8c0/static/hcaptcha-challenge.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jokefaucet.com/
accept-encoding
gzip, deflate, br

Response headers

date
Mon, 20 Sep 2021 03:08:42 GMT
content-type
text/html
last-modified
Wed, 15 Sep 2021 18:03:43 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 c5f2c8f2b8922a39129e7a665358cf9f.cloudfront.net (CloudFront)
x-amz-cf-pop
BRU50-C1
x-amz-cf-id
VbmLKAjme5rIQ-Gdd6PxtKOy-MYfZHf7J3ysSH1jgSbWpNTWvh31iA==
age
378265
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6917d9cf7a103a23-CDG
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
hcaptcha-checkbox.html
newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/ Frame 9CAB
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-checkbox.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab55f777b7aeb2a5b0014ab2fd080d58e85ef4a7be872e6726990ccae56b9564
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
newassets.hcaptcha.com
:scheme
https
:path
/captcha/v1/2ebd8c0/static/hcaptcha-checkbox.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jokefaucet.com/
accept-encoding
gzip, deflate, br

Response headers

date
Mon, 20 Sep 2021 03:08:42 GMT
content-type
text/html
last-modified
Wed, 15 Sep 2021 18:03:43 GMT
cache-control
max-age=1209600
x-cache
Hit from cloudfront
via
1.1 735196fd5afd6302b77cda2a15be051f.cloudfront.net (CloudFront)
x-amz-cf-pop
BRU50-C1
x-amz-cf-id
ojHgFVGhHUkXTghNkMSgKbdUo2sk3hyDdkV2XjMOWmd94d5FGw6DDQ==
age
378265
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6917d9cf7a113a23-CDG
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
hcaptcha-challenge.js
newassets.hcaptcha.com/captcha/v1/2ebd8c0/ Frame C2C5
211 KB
60 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha-challenge.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-challenge.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be1e03fe7d3a2c872ad403c2355b799b848d97bb797e2f65a781fd578b4ded0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 03:08:42 GMT
via
1.1 25ad1b0937f8931040e6831f872b7399.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
378263
cf-polished
origSize=215884
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 15 Sep 2021 18:03:42 GMT
server
cloudflare
etag
W/"3a8986c606b9363d57bc6aba265fbbf3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
CDG52-P1
cf-ray
6917d9cfcd74400d-CDG
x-amz-cf-id
z96Fo5crZ62PMP1AjjlTm6b0vGLpsxDjU3IRZvvAGUdrgBeUYjXnXA==
cf-bgj
minify
hcaptcha-checkbox.js
newassets.hcaptcha.com/captcha/v1/2ebd8c0/ Frame 9CAB
134 KB
43 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha-checkbox.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-checkbox.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75540136f3178e826aecc065866107906b4292df41c28aeac20aab00a0dba7b0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-checkbox.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 03:08:42 GMT
via
1.1 ad6a8626693b859ee3661bdf278729f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
378263
cf-polished
origSize=137703
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 15 Sep 2021 18:03:43 GMT
server
cloudflare
etag
W/"ff2aeb8b9ea0448859e308590c020b8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
CDG52-P1
cf-ray
6917d9cfdd7c400d-CDG
x-amz-cf-id
5TSE3yAj1gAx9rT_Y0PsY_g25UCyreWaXr8ylVARQeE_o6Hhr0saaQ==
cf-bgj
minify
truncated
/ Frame 9CAB
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame 9CAB
508 B
895 B
XHR
General
Full URL
https://hcaptcha.com/checksiteconfig?host=jokefaucet.com&sitekey=4ecacbfd-27cb-4d50-a402-593094980cea&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha-checkbox.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
070078ece6bc726769b77c87337aa1220a52755f3e49255d5e2c7170f220f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Cache-Control
no-cache
Referer
https://newassets.hcaptcha.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Mon, 20 Sep 2021 03:08:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials
true
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
6917d9d0fe2d400d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
checksiteconfig
hcaptcha.com/ Frame
0
0
Preflight
General
Full URL
https://hcaptcha.com/checksiteconfig?host=jokefaucet.com&sitekey=4ecacbfd-27cb-4d50-a402-593094980cea&sc=1&swa=1
Protocol
H3
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control,content-type
Origin
https://newassets.hcaptcha.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 20 Sep 2021 03:08:43 GMT
content-length
0
access-control-allow-origin
https://newassets.hcaptcha.com
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6917d9d0ce283bce-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
hsw.js
newassets.hcaptcha.com/c/30d7592d/ Frame C2C5
853 KB
323 KB
Script
General
Full URL
https://newassets.hcaptcha.com/c/30d7592d/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha-challenge.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44a3867381adb7e33c6dbad98c7b1ac198e873340ed24cf3f7c03ef139f403d8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 03:08:43 GMT
via
1.1 6005ade476005cae71525d1ec56100f8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
407106
cf-polished
origSize=873288
x-cache
Miss from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 15 Sep 2021 10:01:41 GMT
server
cloudflare
etag
W/"373c84793b699a747aae557d2514a87e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
LHR3-C1
cf-ray
6917d9d12e50400d-CDG
x-amz-cf-id
8KjlD-MjUq2Ah39bE8KtNcvZnYDZtKe02iTQMcTl-irJFAJ5NKXvDA==
cf-bgj
minify

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| onbeforexrselect
boolean| originAgentCluster
function| eshete
function| M
function| X
function| V
function| Y
function| md5_cmn
function| md5_ff
function| md5_gg
function| md5_hh
function| md5_ii
function| safe_add
function| bit_rol
object| hcaptcha
object| grecaptcha

4 Cookies

Domain/Path Name / Value
biggerpicture.g2afse.com/ Name: afclick
Value: 6147fb39b1e33300012fcfbe
biggerpicture.g2afse.com/ Name: afoffers
Value: {"188":1632107321}
jokefaucet.com/ Name: PHPSESSID
Value: 53ho7v74d60jau3m8n069tfiqp
jokefaucet.com/ Name: r
Value: 19833

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
