urlscan.io logo urlscan.io
SecurityTrails logo

lifesucks.shop Open in urlscan Pro
109.236.83.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://lifesucks.shop/
Effective URL: https://lifesucks.shop/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On June 05 via api from IT — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 30 HTTP transactions. The main IP is 109.236.83.62, located in Naaldwijk, Netherlands and belongs to WORLDSTREAM, NL. The main domain is lifesucks.shop.
TLS certificate: Issued by R3 on June 4th 2024. Valid for: 3 months.
This is the only time lifesucks.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 109.236.83.62 49981 (WORLDSTREAM)
1 65.9.95.99 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 65.9.95.40 16509 (AMAZON-02)
1 18.159.250.183 16509 (AMAZON-02)
1 2a04:4e42:200... 54113 (FASTLY)
1 34.120.195.249 396982 (GOOGLE-CL...)
2 3.23.213.251 16509 (AMAZON-02)
1 52.27.128.13 16509 (AMAZON-02)
30 12
14    109.236.83.62 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 109-236-83-62.hosted-by-worldstream.net
lifesucks.shop
1    65.9.95.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-99.prg50.r.cloudfront.net
js.datadome.co
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    65.9.95.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-40.prg50.r.cloudfront.net
consent.trustarc.com
1    18.159.250.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-250-183.eu-central-1.compute.amazonaws.com
api-js.datadome.co
1    2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o438986.ingest.sentry.io
2    3.23.213.251 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-213-251.us-east-2.compute.amazonaws.com
ht.blackhawknetwork.com
1    52.27.128.13 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-128-13.us-west-2.compute.amazonaws.com
cardholder.jokercard.ca
Apex Domain
Subdomains		 Transfer
14 lifesucks.shop
lifesucks.shop
1 MB
5 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 3275
176 KB
2 blackhawknetwork.com
ht.blackhawknetwork.com — Cisco Umbrella Rank: 127332
2 KB
2 datadome.co
js.datadome.co — Cisco Umbrella Rank: 5736
api-js.datadome.co — Cisco Umbrella Rank: 5357
28 KB
1 jokercard.ca
cardholder.jokercard.ca
2 KB
1 sentry.io
o438986.ingest.sentry.io — Cisco Umbrella Rank: 37835
348 B
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 5558
20 KB
1 gstatic.com
fonts.gstatic.com
51 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
64 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
1 KB
30 10
Domain Requested by
14 lifesucks.shop lifesucks.shop
5 consent.trustarc.com lifesucks.shop
2 ht.blackhawknetwork.com lifesucks.shop
1 cardholder.jokercard.ca
1 o438986.ingest.sentry.io browser.sentry-cdn.com
1 browser.sentry-cdn.com lifesucks.shop
1 api-js.datadome.co lifesucks.shop
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com lifesucks.shop
1 fonts.googleapis.com lifesucks.shop
1 js.datadome.co lifesucks.shop
30 11

This site contains links to these domains. Also see Links.

Domain
www.jokercard.ca
cardholder.jokercard.ca
blackhawknetwork.com
Subject Issuer Validity Valid
lifesucks.shop
R3		 2024-06-04 -
2024-09-02		 3 months crt.sh
*.datadome.co
Gandi RSA Domain Validation Secure Server CA 3		 2023-10-10 -
2024-11-09		 a year crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2024-03-16 -
2025-04-14		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2024 Q2		 2024-06-04 -
2025-07-06		 a year crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
ht.blackhawknetwork.com
Amazon RSA 2048 M01		 2023-09-18 -
2024-10-16		 a year crt.sh
cardholder.jokercard.ca
Amazon RSA 2048 M02		 2023-07-18 -
2024-08-15		 a year crt.sh

This page contains 2 frames:

Primary Page: https://lifesucks.shop/
Frame ID: 9FB5B5CFB5E1085703913BE7C3B06FE6
Requests: 27 HTTP requests in this frame

Frame: https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/collector.min.59c3a5c.html
Frame ID: 067D87BCFDA8299B92C93C87C9491C2C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Joker Prepaid Card

Page URL History Show full URLs

  1. http://lifesucks.shop/ HTTP 307
    https://lifesucks.shop/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Page Statistics

30
Requests

97 %
HTTPS

36 %
IPv6

10
Domains

11
Subdomains

12
IPs

3
Countries

1428 kB
Transfer

1904 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lifesucks.shop/ HTTP 307
    https://lifesucks.shop/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
lifesucks.shop/
Redirect Chain
  • http://lifesucks.shop/
  • https://lifesucks.shop/
34 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lifesucks.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.236.83.62 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
109-236-83-62.hosted-by-worldstream.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
49820d044e66874226b11edec5b8d8d34d7e1a61d81a9b2c343460080038a032

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
34831
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Jun 2024 00:29:17 GMT
ETag
"880f-61a1516b72280"
Keep-Alive
timeout=5, max=100
Last-Modified
Tue, 04 Jun 2024 19:02:18 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16

Redirect headers

Location
https://lifesucks.shop/
Non-Authoritative-Reason
HttpsUpgrades
font-awesome.min.css
lifesucks.shop/The%20Joker%20Prepaid%20Card_files/ 		30 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/font-awesome.min.css
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.236.83.62 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
109-236-83-62.hosted-by-worldstream.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 00:29:17 GMT
Last-Modified
Mon, 03 Jun 2024 19:37:48 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"7918-61a0177d4fb00"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
31000
gtm.js.indir
lifesucks.shop/The%20Joker%20Prepaid%20Card_files/ 		115 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/gtm.js.indir
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.236.83.62 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
109-236-83-62.hosted-by-worldstream.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
1eb9cb0fdbb3a99273279e4e77a5858355e6c321ac76023e65d9d8beea49ac9d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 00:29:17 GMT
Last-Modified
Mon, 03 Jun 2024 19:37:48 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"1cac9-61a0177d4fb00"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
117449
tags.js.indir
lifesucks.shop/The%20Joker%20Prepaid%20Card_files/ 		148 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/tags.js.indir
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.236.83.62 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
109-236-83-62.hosted-by-worldstream.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
81cfe39d237661ec6ba52a194fb2593437452ffe4754a274437482f141720e3c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 00:29:17 GMT
Last-Modified
Mon, 03 Jun 2024 19:37:48 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"25173-61a0177d4fb00"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
151923
styles.f3f478093f1207bace4c.css
lifesucks.shop/The%20Joker%20Prepaid%20Card_files/ 		224 KB
224 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/styles.f3f478093f1207bace4c.css
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.236.83.62 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
109-236-83-62.hosted-by-worldstream.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
e8d1bea57732a4a1a869d28e9e312df136d4b381850491abaaab5c860524ad55

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 00:29:17 GMT
Last-Modified
Mon, 03 Jun 2024 19:37:48 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"37f05-61a0177d4fb00"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
229125
notice
lifesucks.shop/The%20Joker%20Prepaid%20Card_files/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/notice
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.236.83.62 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
109-236-83-62.hosted-by-worldstream.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
929b464536b1d1102f3c503971d75946c6449d639209f40685709f068e918a5c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Origin
https://lifesucks.shop
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 00:29:17 GMT
Last-Modified
Mon, 03 Jun 2024 19:37:48 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"8fe9-61a0177d4fb00"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
36841
widget.js.indir
lifesucks.shop/The%20Joker%20Prepaid%20Card_files/ 		223 KB
223 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/widget.js.indir
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.236.83.62 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
109-236-83-62.hosted-by-worldstream.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
688f09d54c3f82f33027ca253cef16377f5e633d4440c8faf3d4b7e1ae2ddae6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 00:29:17 GMT
Last-Modified
Mon, 03 Jun 2024 19:37:48 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"37bd6-61a0177d4fb00"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
228310
Joker-Logo.webp
lifesucks.shop/The%20Joker%20Prepaid%20Card_files/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/Joker-Logo.webp
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.236.83.62 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
109-236-83-62.hosted-by-worldstream.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
37d6da47b4beb6a1c8b5a3f6cdd2c7668f501acea4fd65f36cd6c215aa64256b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 00:29:17 GMT
Last-Modified
Mon, 03 Jun 2024 19:37:48 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"2816-61a0177d4fb00"
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10262
v1.7-4958
lifesucks.shop/The%20Joker%20Prepaid%20Card_files/ 		92 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/v1.7-4958
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.236.83.62 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
109-236-83-62.hosted-by-worldstream.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
b30331795881ff744d78b4dd58ff581d6d10f2bb4fce96ea7c18e01f79a17c62

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Origin
https://lifesucks.shop
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 00:29:17 GMT
Last-Modified
Mon, 03 Jun 2024 19:37:48 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"16eeb-61a0177d4fb00"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
93931
YWN0aXZhdGVteWdpZnRjYXJkLmNvbS5hdSxiYWxhbmNlLmV2ZXJ5d2hlcmVnaWZ0Y2FyZHMuY29tLmF1LGJobmluY2VudGl2ZXMuY29tLGNhcmRhY3RpdmF0aW9ucy5jYWNhcmRiYWxhbmNlLmNvbS5hdSxjYXJ0ZXNib25oZXVyLmNhLGRlaW5mcmVpemVpdHBhc...
lifesucks.shop/The%20Joker%20Prepaid%20Card_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/YWN0aXZhdGVteWdpZnRjYXJkLmNvbS5hdSxiYWxhbmNlLmV2ZXJ5d2hlcmVnaWZ0Y2FyZHMuY29tLmF1LGJobmluY2VudGl2ZXMuY29tLGNhcmRhY3RpdmF0aW9ucy5jYWNhcmRiYWxhbmNlLmNvbS5hdSxjYXJ0ZXNib25oZXVyLmNhLGRlaW5mcmVpemVpdHBhcmtndXRzY2
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.236.83.62 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
109-236-83-62.hosted-by-worldstream.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 00:29:17 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
433
Content-Type
text/html; charset=iso-8859-1
loader.min.js.indir
lifesucks.shop/The%20Joker%20Prepaid%20Card_files/ 		46 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/loader.min.js.indir
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.236.83.62 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
109-236-83-62.hosted-by-worldstream.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
48cc92920b91ac8c799993c3585b96ed1a21e18be6d119fd02db2df884887c47

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 00:29:17 GMT
Last-Modified
Mon, 03 Jun 2024 19:37:48 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"b9c7-61a0177d4fb00"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
47559
tags.js
js.datadome.co/ 		151 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.datadome.co/tags.js
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-99.prg50.r.cloudfront.net
Software
Apache /
Resource Hash
83a23adb064798e97c0c84aae630bbb417473822208c1fbfaf1382d2e596af48
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
date
Wed, 05 Jun 2024 00:19:27 GMT
x-amz-cf-pop
PRG50-C1
age
591
x-cache
Hit from cloudfront
content-length
28240
last-modified
Wed, 22 May 2024 14:51:21 GMT
server
Apache
etag
"25bb2-6190c115ea50d-gzip"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
_GT2L31KZzVuVJG5SwavIQNhBlyQyisRSF0C5If4HubNuLrRuARP0Q==
expires
Wed, 05 Jun 2024 01:19:26 GMT
css2
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@100;300&display=swap
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/styles.f3f478093f1207bace4c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c867bd6083fcbaf3f9d8fdf82c34c1df333d0722ca7fe8b6bf91f9087d655e14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Jun 2024 00:29:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 00:29:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jun 2024 00:29:17 GMT
93520645-97d1-495f-ae06-1b0f67ac874b
https://lifesucks.shop/ 		597 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://lifesucks.shop/93520645-97d1-495f-ae06-1b0f67ac874b
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
597
Content-Type
application/javascript
gtm.js
www.googletagmanager.com/ 		176 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PFR2SF2
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9a124174cb91d537585c20e6da7f2adbec9f79432d865cabd85f6fdeb33838db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 00:29:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65443
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Jun 2024 00:29:17 GMT
collector.min.59c3a5c.html
lifesucks.shop/The%20Joker%20Prepaid%20Card_files/ Frame 067D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/collector.min.59c3a5c.html
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.236.83.62 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
109-236-83-62.hosted-by-worldstream.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
2a52e23fe0be6c04c7cadd88d8089e3cba03f1f90322363c54bc1ed1e55504bd

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://lifesucks.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
1056
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Jun 2024 00:29:17 GMT
ETag
"420-61a0177d4fb00"
Keep-Alive
timeout=5, max=96
Last-Modified
Mon, 03 Jun 2024 19:37:48 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
truncated
/ 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce9705c3ee13cadddb64a9db6b2033a318c625e556d370f2ce3d1462e236675b

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
help-icon.51731e31646df9bac3af.webp
lifesucks.shop/ 		233 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lifesucks.shop/help-icon.51731e31646df9bac3af.webp
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.236.83.62 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
109-236-83-62.hosted-by-worldstream.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
3173c26a450507b15422faa4363d39c9370669402dbf6cfe42b2da37b7f0d1a9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 00:29:17 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
233
Content-Type
text/html; charset=iso-8859-1
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 		50 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@100;300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://lifesucks.shop
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:10:23 GMT
x-content-type-options
nosniff
age
37134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:10:23 GMT
v1.7-4958
consent.trustarc.com/asset/notice.js/v/ 		93 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-4958
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/notice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-40.prg50.r.cloudfront.net
Software
/
Resource Hash
3ff80193262277c622c6aca0b7e948f6820649d50bc83fe6414eedb1b38fdddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Origin
https://lifesucks.shop
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Wed, 05 Jun 2024 00:24:52 GMT
content-encoding
gzip
via
1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 16 May 2024 02:51:23 GMT
x-amz-cf-pop
PRG50-C1
age
266
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-id
TX8s2Jd8NJeu28wafsnRw2a1xcvUUPWhzj1kna2OquO8fEizxg9aiw==
log
consent.trustarc.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/log?domain=blackhawknetwork.com&country=ca&state=&behavior=implied&session=8f192949-9db1-4f38-84dc-4e1df9a39fba&userType=NEW&c=bca6
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-40.prg50.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 00:29:18 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
PRG50-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
6nh4P2oM5eYtbSU7mIzO4DOHFEog-IUYhXNv8PLnWsT4ZIAoHnvSaA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
collector.min.59c3a5c.js.indir
lifesucks.shop/The%20Joker%20Prepaid%20Card_files/ Frame 067D 		120 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/collector.min.59c3a5c.js.indir
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/collector.min.59c3a5c.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.236.83.62 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
109-236-83-62.hosted-by-worldstream.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
a35e5f8b5c6d5d3c542c08989a9dd11b34ed3bbfec433ebef25277a9fdba2636

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/collector.min.59c3a5c.html
Origin
https://lifesucks.shop
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 00:29:17 GMT
Last-Modified
Mon, 03 Jun 2024 19:37:48 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"1dfae-61a0177d4fb00"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
122798
/
api-js.datadome.co/js/ 		235 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.datadome.co/js/
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/tags.js.indir
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.250.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-250-183.eu-central-1.compute.amazonaws.com
Software
DataDome /
Resource Hash
f7490f3bf89b675ea804a2ac417de35dd92b5e115ae41b8fbdcac2a7791f09e0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 00:29:17 GMT
server
DataDome
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
235
expires
0
bundle.min.js
browser.sentry-cdn.com/6.2.0/ Frame 067D 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/6.2.0/bundle.min.js
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/collector.min.59c3a5c.js.indir
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
954350dd773c3391518817158372b803d2b9f6656b06c42107b59499432e1d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Origin
https://lifesucks.shop
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 00:29:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 18 Feb 2021 10:45:48 GMT
server
Fastly
age
4356636
etag
"3bed601095f059febe5d1903aa5918c1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20473
expires
Tue, 17 Sep 2024 15:22:41 GMT
/
o438986.ingest.sentry.io/api/5405128/store/ Frame 067D 		41 B
348 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o438986.ingest.sentry.io/api/5405128/store/?sentry_key=12b69dedf1404159b023b0bd2ac031a4&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
86688029a4661ace56b8fee88d5ac3180b2eaba74489aea28e372a4af134b720
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Jun 2024 00:29:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
get
consent.trustarc.com/ 		133 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/get?name=RobotoBold.ttf
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-40.prg50.r.cloudfront.net
Software
/
Resource Hash
9287925cae90ac480804094ff0876832065e2db116470da1f524d79ed9c18b70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Origin
https://lifesucks.shop
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Wed, 05 Jun 2024 00:07:49 GMT
content-encoding
gzip
via
1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
1289
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-id
zfK_DYf8o927Oxv-qpnw_f0C1gf3l_99cfNe_FJzbyvgrEBGcP79hA==
get
consent.trustarc.com/ 		142 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/get?name=RobotoRegular.ttf
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-40.prg50.r.cloudfront.net
Software
/
Resource Hash
b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Origin
https://lifesucks.shop
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 04 Jun 2024 23:40:39 GMT
content-encoding
gzip
via
1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
PRG50-C1
age
2919
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-id
0XxgvAxNjTww2Uh9X5U_kJXtrPjEMO6OVl_-z9JfZ1pvHKlCku6ZGg==
bannermsg
consent.trustarc.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/bannermsg?action=views&domain=blackhawknetwork.com&behavior=implied&country=ca&language=en&rand=0.3619098574690971&session=8f192949-9db1-4f38-84dc-4e1df9a39fba&userType=NEW
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-40.prg50.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 00:29:18 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
PRG50-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
srqdrbo-zPDbA7b_QxozCWghIin0nGtqNFkSRRIdIuz_6ZD14mYtSA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
YWN0aXZhdGVteWdpZnRjYXJkLmNvbS5hdSxiYWxhbmNlLmV2ZXJ5d2hlcmVnaWZ0Y2FyZHMuY29tLmF1LGJobmluY2VudGl2ZXMuY29tLGNhcmRhY3RpdmF0aW9ucy5jYWNhcmRiYWxhbmNlLmNvbS5hdSxjYXJ0ZXNib25oZXVyLmNhLGRlaW5mcmVpemVpdHBhc...
ht.blackhawknetwork.com/assets/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ht.blackhawknetwork.com/assets/YWN0aXZhdGVteWdpZnRjYXJkLmNvbS5hdSxiYWxhbmNlLmV2ZXJ5d2hlcmVnaWZ0Y2FyZHMuY29tLmF1LGJobmluY2VudGl2ZXMuY29tLGNhcmRhY3RpdmF0aW9ucy5jYWNhcmRiYWxhbmNlLmNvbS5hdSxjYXJ0ZXNib25oZXVyLmNhLGRlaW5mcmVpemVpdHBhcmtndXRzY2hlaW4uZGUsZGluaW5nZXZlcnl3aGVyZWdpZnQuY29tLGRpbmluZ291dGNhcmQuY2EsZW50cmVlY2FyZC5jYSxlbnRyZWVjYXJkLmNhLGV4cGxvcmVldmVyeXdoZXJlZ2lmdC5jb20sZml2ZWJhY2tnaWZ0LmNvbSxmdWVsZXZlcnl3aGVyZS5jb20sZ2lmdGNhcmRrZXkuY29tLGdpZnRjYXJkbWFsbC5jb20sZ2lmdGNhcmRzLmNvbSxncm9jZXJ5ZXZlcnl3aGVyZS5jb20saGFwcHljYXJkcy5jYSxoYXBweWNhcmRzLmNvbSxoYXBweWNhcmRzLmNvbSxob21lZXZlcnl3aGVyZWdpZnQuY29tLGluY2VudGl2ZWNhcmRzdG9yZS5jYSxqb2tlcmNhcmQuY2EsbWFuYWdlbXlwcmVwYWlkLmNvbSxtY2dpZnQuZ2lmdGNhcmRtYWxsLmNvbSxtb3ZpZXNldmVyeXdoZXJlZ2lmdC5jb20sbXlwcmVwYWlkY2FyZHMuY2Esb25seTF2aXNhZ2lmdGNhcmQuY29tLmF1LHBwLmJobi5jYXJkcyxzdHlsZWV2ZXJ5d2hlcmVnaWZ0LmNvbSxzd2FweW91cmdpZnRjYXJkLmNvbS5hdSx0aGVwZXJmZWN0Z2lmdC5jYSx2aW5lY2FyZHMuY2E=
Requested by
Host: lifesucks.shop
URL: https://lifesucks.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.23.213.251 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-213-251.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
1fe3ea0297890805ab67852f56cf1df0963d2cb5e584f8e36b7c3e0253eb6bc9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 00:29:18 GMT
x-amzn-trace-id
Root=1-665fb15e-6d2ce1a33d06ea063842a2ce;Parent=43691e62bc2f3542;Sampled=0;lineage=13ba6a0f:0
x-amzn-requestid
dd950dff-bf04-4301-aa1f-cee44d6b681e
content-length
1256
x-amz-apigw-id
Y3im0FMZiYcET_A=
content-type
application/javascript
blackhawk-icon.webp
cardholder.jokercard.ca/assets/shared/ 		898 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cardholder.jokercard.ca/assets/shared/blackhawk-icon.webp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.128.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-128-13.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
009e842e06f4fdab89c466fded0cc965979e7b291d6a09e74cce079b425ee45e
Security Headers
Name Value
Content-Security-Policy default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com consent.trustarc.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com *.googletagmanager.com *.jquery.com *.cloudflare.com s3.amazonaws.com testing.conversionteam.com *.blackhawknetwork.com *.sardine.ai;script-src-attr 'unsafe-inline';connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co *.blackhawknetwork.com *.sardine.ai;img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com data: s3.amazonaws.com testing.conversionteam.com *.blackhawknetwork.com;style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com www.googletagmanager.com;frame-src *;object-src 'none';media-src 'self' *.iesnare.com data:;frame-ancestors 'self' cardholder.jokercard.ca;base-uri 'self';form-action 'self';upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 00:29:18 GMT
content-security-policy
default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com consent.trustarc.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com *.googletagmanager.com *.jquery.com *.cloudflare.com s3.amazonaws.com testing.conversionteam.com *.blackhawknetwork.com *.sardine.ai;script-src-attr 'unsafe-inline';connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co *.blackhawknetwork.com *.sardine.ai;img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com data: s3.amazonaws.com testing.conversionteam.com *.blackhawknetwork.com;style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com www.googletagmanager.com;frame-src *;object-src 'none';media-src 'self' *.iesnare.com data:;frame-ancestors 'self' cardholder.jokercard.ca;base-uri 'self';form-action 'self';upgrade-insecure-requests
x-content-type-options
nosniff
last-modified
Thu, 30 May 2024 18:40:16 GMT
etag
W/"382-18fcacd80c4"
x-frame-options
DENY
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
898
x-xss-protection
1; mode=block
logo.png
ht.blackhawknetwork.com/assets/images/ 		0
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht.blackhawknetwork.com/assets/images/logo.png?l=https://lifesucks.shop/&r=&d=activatemygiftcard.com.au,balance.everywheregiftcards.com.au,bhnincentives.com,cardactivations.cacardbalance.com.au,cartesbonheur.ca,deinfreizeitparkgutschein.de,diningeverywheregift.com,diningoutcard.ca,entreecard.ca,entreecard.ca,exploreeverywheregift.com,fivebackgift.com,fueleverywhere.com,giftcardkey.com,giftcardmall.com,giftcards.com,groceryeverywhere.com,happycards.ca,happycards.com,happycards.com,homeeverywheregift.com,incentivecardstore.ca,jokercard.ca,managemyprepaid.com,mcgift.giftcardmall.com,movieseverywheregift.com,myprepaidcards.ca,only1visagiftcard.com.au,pp.bhn.cards,styleeverywheregift.com,swapyourgiftcard.com.au,theperfectgift.ca,vinecards.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.23.213.251 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-213-251.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lifesucks.shop/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 00:29:18 GMT
x-amzn-trace-id
Root=1-665fb15e-316a3c1c30155387268c778b;Parent=768a4db08911860f;Sampled=0;lineage=65e6dab5:0
x-amzn-requestid
91a059e4-bd0b-48e3-8f8d-dea098e7a57c
content-length
0
x-amz-apigw-id
Y3im1EJ9CYcEbXA=
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| ddjskey object| ddoptions object| google_tag_manager object| google_tag_data object| dataLayer boolean| dataDomeProcessed object| dataDomeOptions function| RMSWidget function| a3J3 function| a3J2 object| regeneratorRuntime object| _Sardine string| _sardine_revision object| truste function| shouldRepop function| shouldResolveConsent string| userType object| $temp_inner_iframe object| $temp_closebtn_style object| $temp_box_overlay object| $temp_box_overlay_border string| $temp_externalcss function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG string| x object| temp string| root_domain undefined| m string| r

3 Cookies

Domain/Path Name / Value
.lifesucks.shop/ Name: TAsessionID
Value: 8f192949-9db1-4f38-84dc-4e1df9a39fba|NEW
.lifesucks.shop/ Name: notice_behavior
Value: implied,eu
.lifesucks.shop/ Name: datadome
Value: Ii8Kh5JHfkqGOMXez4QoAlJNiL7ILGbO2DKmhbKcTPphuCDvgdZweaGmj9FpZjXk8ZsIwPXiC6TPUK7Fpay0INExgUEfvEgk~XFCeK6_OEl8S8RcUN7U1FKXJIjOia~z

3 Console Messages

Source Level URL
Text
network error URL: https://lifesucks.shop/The%20Joker%20Prepaid%20Card_files/YWN0aXZhdGVteWdpZnRjYXJkLmNvbS5hdSxiYWxhbmNlLmV2ZXJ5d2hlcmVnaWZ0Y2FyZHMuY29tLmF1LGJobmluY2VudGl2ZXMuY29tLGNhcmRhY3RpdmF0aW9ucy5jYWNhcmRiYWxhbmNlLmNvbS5hdSxjYXJ0ZXNib25oZXVyLmNhLGRlaW5mcmVpemVpdHBhcmtndXRzY2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://lifesucks.shop/help-icon.51731e31646df9bac3af.webp
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
recommendation verbose URL: https://lifesucks.shop/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
browser.sentry-cdn.com
cardholder.jokercard.ca
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
ht.blackhawknetwork.com
js.datadome.co
lifesucks.shop
o438986.ingest.sentry.io
www.googletagmanager.com
109.236.83.62
18.159.250.183
2a00:1450:4001:802::200a
2a00:1450:4001:810::2008
2a00:1450:4001:831::2003
2a04:4e42:200::729
3.23.213.251
34.120.195.249
52.27.128.13
65.9.95.40
65.9.95.99
009e842e06f4fdab89c466fded0cc965979e7b291d6a09e74cce079b425ee45e
1eb9cb0fdbb3a99273279e4e77a5858355e6c321ac76023e65d9d8beea49ac9d
1fe3ea0297890805ab67852f56cf1df0963d2cb5e584f8e36b7c3e0253eb6bc9
2a52e23fe0be6c04c7cadd88d8089e3cba03f1f90322363c54bc1ed1e55504bd
3173c26a450507b15422faa4363d39c9370669402dbf6cfe42b2da37b7f0d1a9
37d6da47b4beb6a1c8b5a3f6cdd2c7668f501acea4fd65f36cd6c215aa64256b
3ff80193262277c622c6aca0b7e948f6820649d50bc83fe6414eedb1b38fdddd
48cc92920b91ac8c799993c3585b96ed1a21e18be6d119fd02db2df884887c47
49820d044e66874226b11edec5b8d8d34d7e1a61d81a9b2c343460080038a032
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
688f09d54c3f82f33027ca253cef16377f5e633d4440c8faf3d4b7e1ae2ddae6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81cfe39d237661ec6ba52a194fb2593437452ffe4754a274437482f141720e3c
83a23adb064798e97c0c84aae630bbb417473822208c1fbfaf1382d2e596af48
86688029a4661ace56b8fee88d5ac3180b2eaba74489aea28e372a4af134b720
9287925cae90ac480804094ff0876832065e2db116470da1f524d79ed9c18b70
929b464536b1d1102f3c503971d75946c6449d639209f40685709f068e918a5c
954350dd773c3391518817158372b803d2b9f6656b06c42107b59499432e1d7f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a124174cb91d537585c20e6da7f2adbec9f79432d865cabd85f6fdeb33838db
a35e5f8b5c6d5d3c542c08989a9dd11b34ed3bbfec433ebef25277a9fdba2636
b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f
b30331795881ff744d78b4dd58ff581d6d10f2bb4fce96ea7c18e01f79a17c62
c867bd6083fcbaf3f9d8fdf82c34c1df333d0722ca7fe8b6bf91f9087d655e14
ce9705c3ee13cadddb64a9db6b2033a318c625e556d370f2ce3d1462e236675b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d1bea57732a4a1a869d28e9e312df136d4b381850491abaaab5c860524ad55
f7490f3bf89b675ea804a2ac417de35dd92b5e115ae41b8fbdcac2a7791f09e0