www.store.secure.jokersstash.ws
190.115.18.189  Malicious Activity! Public Scan

URL: https://www.store.secure.jokersstash.ws/
Submission: On September 02 via automatic, source certstream-suspicious

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 27 HTTP transactions. The main IP is 190.115.18.189, located in Belize City, Belize and belongs to DDOS-GUARD CORP., BZ. The main domain is www.store.secure.jokersstash.ws.
TLS certificate: Issued by R3 on September 2nd 2021. Valid for: 3 months.
This is the only time www.store.secure.jokersstash.ws was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
15 | 190.115.18.189 | 262254 (DDOS-GUAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 1 | 172.67.72.223 | 13335 (CLOUDFLAR...)
5 | 2606:4700:20:... | 13335 (CLOUDFLAR...)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
5 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 27 requests, 5 IPs

Requests | Domain | Requested by
15 | www.store.secure.jokersstash.ws | www.store.secure.jokersstash.ws, cdnjs.cloudflare.com
5 | fonts.gstatic.com | fonts.googleapis.com
5 | widget-v4.tidiochat.com | www.store.secure.jokersstash.ws, code.tidio.co
1 | cdnjs.cloudflare.com | www.store.secure.jokersstash.ws
1 | code.tidio.co | 1 redirects
1 | fonts.googleapis.com | www.store.secure.jokersstash.ws
Total: 27 requests, 6 domains

This site contains no links.

Subject | Issuer | Validity | Valid
store.secure.jokersstash.ws | R3 | 2021-09-02 - 2021-12-01 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-08-16 - 2021-11-08 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-17 - 2022-06-16 | a year
*.gstatic.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months

This page contains 2 frames:

Primary Page: https://www.store.secure.jokersstash.ws/
Frame ID: 11E6BDF5EF37A5B565733C45F1136C66
Requests: 23 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_74_0/static/js/chunk-WidgetIframe-949ddb143ac406a274a2.js
Frame ID: D3533E2DDB91F742659C3CF7E1BD4147
Requests: 4 HTTP requests in this frame

Page Title: Cardano Giveaway

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 67 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 3
Transfer: 1016 kB
Size: 1725 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://code.tidio.co/b1ce0szjxvusn7pm4vu2aelocdxj0vda.js HTTP 302
  • https://widget-v4.tidiochat.com/1_74_0/static/js/render.949ddb143ac406a274a2.js

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.store.secure.jokersstash.ws/
23 KB
5 KB
Document
General
Full URL
https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.189 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
6dd07e35ebbace06f39517a166260b7bbaa9f87daa3542f477a1b0b8b51fcd78
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:method
GET
:authority
www.store.secure.jokersstash.ws
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server
ddos-guard
content-security-policy
upgrade-insecure-requests;
set-cookie
__ddg1=LceUXq1neW632KqxN4nt; Domain=.jokersstash.ws; HttpOnly; Path=/; Expires=Fri, 02-Sep-2022 10:46:38 GMT
date
Thu, 02 Sep 2021 10:46:38 GMT
last-modified
Tue, 31 Aug 2021 18:27:15 GMT
etag
"5df5-5cadf195b1530-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-length
5263
content-type
text/html
css2
fonts.googleapis.com/
13 KB
980 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Montserrat:wght@400;500;600;700;900&display=swap
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d0f2e0f3eb92613ecfaacae814439a3aef221d9ee8eaba8670520cd4f04169d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 02 Sep 2021 10:46:38 GMT
server
ESF
date
Thu, 02 Sep 2021 10:46:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Sep 2021 10:46:38 GMT
style.css
www.store.secure.jokersstash.ws/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://www.store.secure.jokersstash.ws/css/style.css
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.189 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
6944a721b376c1f2bf998fa0610664cadd126c9249cf75e0fc7d6059045015ca
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/css/style.css
pragma
no-cache
cookie
__ddg1=LceUXq1neW632KqxN4nt
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.store.secure.jokersstash.ws
referer
https://www.store.secure.jokersstash.ws/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Tue, 31 Aug 2021 18:27:15 GMT
server
ddos-guard
age
0
etag
W/"2516-5cadf195f0cd0-gzip"
vary
Accept-Encoding
content-type
text/css
date
Thu, 02 Sep 2021 10:46:38 GMT
accept-ranges
bytes
render.949ddb143ac406a274a2.js
widget-v4.tidiochat.com/1_74_0/static/js/
Redirect Chain
  • https://code.tidio.co/b1ce0szjxvusn7pm4vu2aelocdxj0vda.js
  • https://widget-v4.tidiochat.com/1_74_0/static/js/render.949ddb143ac406a274a2.js
17 KB
6 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_74_0/static/js/render.949ddb143ac406a274a2.js
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04108eaf19c979b5f1fb05eba3fbe1e30889894c73a9a222cfde3080f7d6ef84

Request headers

Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 10:46:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Aug 2021 10:24:38 GMT
server
cloudflare
age
4494
etag
W/"61276be6-4308"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yewRNeNlyDIAiDDGquaJmV7hfshao%2F9fCGjbgDtS2bW1NxzJUGzDnVF5WIDKs6vngi5sH1ZZNR1%2FFlR0rUaEFDLePu%2F9jcp6dNWCIHn6nsnFaPiMCatqUEsivm0SlE3ciK5NAtaNngu3aMArxUlCpJ1jMmlf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
688627d9dc775b38-FRA

Redirect headers

date
Thu, 02 Sep 2021 10:46:38 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vA8bzzCORALvlJmGAC2hCyZu4ff2q801LYYCTz1elUmnFbViiXUR2ILIEqjao7m%2BcjLpPHIoVLcDpCFQT8%2B8R1ffYJ1QiHoWWqJvJJOIp4X7dxm%2FTGBE74ENO%2B0zxYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://widget-v4.tidiochat.com/1_74_0/static/js/render.949ddb143ac406a274a2.js
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
688627d98c5739a5-CDG
logo.png
www.store.secure.jokersstash.ws/img/
3 KB
3 KB
Image
General
Full URL
https://www.store.secure.jokersstash.ws/img/logo.png
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.189 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
3a0f01d60067bfe1fad15c202e59f68f0b63724e0135358cb4e36ae9e782c6a5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/img/logo.png
pragma
no-cache
cookie
__ddg1=LceUXq1neW632KqxN4nt
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.store.secure.jokersstash.ws
referer
https://www.store.secure.jokersstash.ws/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 31 Aug 2021 18:27:16 GMT
server
ddos-guard
age
0
etag
"cc7-5cadf196517af"
content-type
image/png
date
Thu, 02 Sep 2021 10:46:38 GMT
accept-ranges
bytes
content-length
3271
creator.png
www.store.secure.jokersstash.ws/img/
355 KB
356 KB
Image
General
Full URL
https://www.store.secure.jokersstash.ws/img/creator.png
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.189 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
06c3ac4fb5946b1ffcf9b97cdf6aae0caeb2917d3d2e382badcd96c2b9395b0c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/img/creator.png
pragma
no-cache
cookie
__ddg1=LceUXq1neW632KqxN4nt
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.store.secure.jokersstash.ws
referer
https://www.store.secure.jokersstash.ws/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 31 Aug 2021 18:27:16 GMT
server
ddos-guard
age
0
etag
"58cca-5cadf1968b18e"
content-type
image/png
date
Thu, 02 Sep 2021 10:46:38 GMT
accept-ranges
bytes
content-length
363722
qr.png
www.store.secure.jokersstash.ws/img/
4 KB
4 KB
Image
General
Full URL
https://www.store.secure.jokersstash.ws/img/qr.png
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.189 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
7fbbd4b6ee3758cae9b347ec838fa0a6327071f2b4b8422af4bf5bcdcab6ecc7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/img/qr.png
pragma
no-cache
cookie
__ddg1=LceUXq1neW632KqxN4nt
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.store.secure.jokersstash.ws
referer
https://www.store.secure.jokersstash.ws/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 31 Aug 2021 18:27:15 GMT
server
ddos-guard
age
0
etag
"103a-5cadf19617dcf"
content-type
image/png
date
Thu, 02 Sep 2021 10:46:38 GMT
accept-ranges
bytes
content-length
4154
arrow.png
www.store.secure.jokersstash.ws/img/
589 B
642 B
Image
General
Full URL
https://www.store.secure.jokersstash.ws/img/arrow.png
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.189 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
8ddd17fb43c526096e7fbe382a18f10184cfcb72da28766251583f76dac6090f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/img/arrow.png
pragma
no-cache
cookie
__ddg1=LceUXq1neW632KqxN4nt
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.store.secure.jokersstash.ws
referer
https://www.store.secure.jokersstash.ws/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 31 Aug 2021 18:27:15 GMT
server
ddos-guard
age
0
etag
"24d-5cadf1963046f"
content-type
image/png
date
Thu, 02 Sep 2021 10:46:38 GMT
accept-ranges
bytes
content-length
589
time.png
www.store.secure.jokersstash.ws/img/
891 B
944 B
Image
General
Full URL
https://www.store.secure.jokersstash.ws/img/time.png
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.189 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
c60ab4d3b8d48409e529867856c36c3049e7601b97019e628c3775e027ae25b3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/img/time.png
pragma
no-cache
cookie
__ddg1=LceUXq1neW632KqxN4nt
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.store.secure.jokersstash.ws
referer
https://www.store.secure.jokersstash.ws/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 31 Aug 2021 18:27:15 GMT
server
ddos-guard
age
0
etag
"37b-5cadf195f89d0"
content-type
image/png
date
Thu, 02 Sep 2021 10:46:38 GMT
accept-ranges
bytes
content-length
891
ada.png
www.store.secure.jokersstash.ws/img/
1 KB
1 KB
Image
General
Full URL
https://www.store.secure.jokersstash.ws/img/ada.png
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.189 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
65fd5a274a14af55380d5ed17cdb26cc2f4e8a5925457a9a1135083a4e3e4ff7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/img/ada.png
pragma
no-cache
cookie
__ddg1=LceUXq1neW632KqxN4nt
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.store.secure.jokersstash.ws
referer
https://www.store.secure.jokersstash.ws/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 31 Aug 2021 18:27:16 GMT
server
ddos-guard
age
0
etag
"41d-5cadf19670bae"
content-type
image/png
date
Thu, 02 Sep 2021 10:46:38 GMT
accept-ranges
bytes
content-length
1053
verified.png
www.store.secure.jokersstash.ws/img/
779 B
832 B
Image
General
Full URL
https://www.store.secure.jokersstash.ws/img/verified.png
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.189 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
540ff4d859480b903bb3a173c63ba49a326b8671498e2f1ba8cfd316be43d542
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/img/verified.png
pragma
no-cache
cookie
__ddg1=LceUXq1neW632KqxN4nt
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.store.secure.jokersstash.ws
referer
https://www.store.secure.jokersstash.ws/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 31 Aug 2021 18:27:15 GMT
server
ddos-guard
age
0
etag
"30b-5cadf1963140f"
content-type
image/png
date
Thu, 02 Sep 2021 10:46:38 GMT
accept-ranges
bytes
content-length
779
qr.png
www.store.secure.jokersstash.ws/
4 KB
4 KB
Image
General
Full URL
https://www.store.secure.jokersstash.ws/qr.png
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.189 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
7fbbd4b6ee3758cae9b347ec838fa0a6327071f2b4b8422af4bf5bcdcab6ecc7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/qr.png
pragma
no-cache
cookie
__ddg1=LceUXq1neW632KqxN4nt
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.store.secure.jokersstash.ws
referer
https://www.store.secure.jokersstash.ws/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 31 Aug 2021 18:27:15 GMT
server
ddos-guard
age
0
etag
"103a-5cadf195ac710"
content-type
image/png
date
Thu, 02 Sep 2021 10:46:38 GMT
accept-ranges
bytes
content-length
4154
apply.png
www.store.secure.jokersstash.ws/img/
321 B
373 B
Image
General
Full URL
https://www.store.secure.jokersstash.ws/img/apply.png
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.189 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
57b9df63533a8b01e18728d0d1d8e840e631693b29df789536ca335ab71ff470
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/img/apply.png
pragma
no-cache
cookie
__ddg1=LceUXq1neW632KqxN4nt
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.store.secure.jokersstash.ws
referer
https://www.store.secure.jokersstash.ws/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 31 Aug 2021 18:27:16 GMT
server
ddos-guard
age
0
etag
"141-5cadf196517af"
content-type
image/png
date
Thu, 02 Sep 2021 10:46:38 GMT
accept-ranges
bytes
content-length
321
check.png
www.store.secure.jokersstash.ws/img/
363 B
641 B
Image
General
Full URL
https://www.store.secure.jokersstash.ws/img/check.png
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.189 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
9a61d6aabea38ed8713f7e3fbe6c4f758690447204d326434f78097665c48599
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/img/check.png
pragma
no-cache
cookie
__ddg1=LceUXq1neW632KqxN4nt
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.store.secure.jokersstash.ws
referer
https://www.store.secure.jokersstash.ws/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 31 Aug 2021 18:27:16 GMT
server
ddos-guard
age
0
etag
"16b-5cadf19690f4e"
content-type
image/png
date
Thu, 02 Sep 2021 10:46:38 GMT
set-cookie
__ddgid=6C3PYnwW04eNwy7y; Domain=.www.store.secure.jokersstash.ws; HttpOnly; SameSite=None; Secure; Path=/; Expires=Fri, 02-Sep-2022 10:46:38 GMT
__ddgmark=QsRuSa9pPgrDx5Rs; Domain=.www.store.secure.jokersstash.ws; HttpOnly; SameSite=None; Secure; Path=/; Expires=Fri, 03-Sep-2021 10:46:38 GMT
accept-ranges
bytes
content-length
363
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 10:46:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42032
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
27938
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNxvambSd6CuBK3lpD5s%2F2FuGtoKcBmfs7Kij9W2OgUFfF15nphSsM3B7V5D%2BRr%2FsPQTr%2F%2FmOqRwnDVsR2o%2FSkHJFVUvBpKeQuQgwwgEEB8eoO6BYJ9FBayA1gRYGkaSJcfSzYhyu9yh4Oa3VV0oLHDr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
688627d92dcf4edf-FRA
expires
Tue, 23 Aug 2022 10:46:38 GMT
background.png
www.store.secure.jokersstash.ws/img/
245 KB
245 KB
Image
General
Full URL
https://www.store.secure.jokersstash.ws/img/background.png
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.189 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
8507abe1a3e4c7517d5d1304e68dd77d773980c6579debe0468316efe1171fbe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/img/background.png
pragma
no-cache
cookie
__ddg1=LceUXq1neW632KqxN4nt
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.store.secure.jokersstash.ws
referer
https://www.store.secure.jokersstash.ws/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.store.secure.jokersstash.ws/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 31 Aug 2021 18:27:16 GMT
server
ddos-guard
age
0
etag
"3d47a-5cadf196b516e"
content-type
image/png
date
Thu, 02 Sep 2021 10:46:38 GMT
accept-ranges
bytes
content-length
251002
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Montserrat:wght@400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.store.secure.jokersstash.ws
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 13:53:32 GMT
x-content-type-options
nosniff
age
420786
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19824
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Aug 2022 13:53:32 GMT
JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Montserrat:wght@400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ce2f8643f80018e1c4f5dae8adadbd552256fbab5e4409672cb2e060aada574
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.store.secure.jokersstash.ws
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 19:00:23 GMT
x-content-type-options
nosniff
age
488775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:21:29 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Aug 2022 19:00:23 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Montserrat:wght@400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.store.secure.jokersstash.ws
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 13:23:33 GMT
x-content-type-options
nosniff
age
422585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Aug 2022 13:23:33 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Montserrat:wght@400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.store.secure.jokersstash.ws
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 06:57:39 GMT
x-content-type-options
nosniff
age
445739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19868
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Aug 2022 06:57:39 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&family=Montserrat:wght@400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.store.secure.jokersstash.ws
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 14:31:21 GMT
x-content-type-options
nosniff
age
418517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Aug 2022 14:31:21 GMT
chunk-WidgetIframe-949ddb143ac406a274a2.js
widget-v4.tidiochat.com/1_74_0/static/js/ Frame D353
344 KB
87 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_74_0/static/js/chunk-WidgetIframe-949ddb143ac406a274a2.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/b1ce0szjxvusn7pm4vu2aelocdxj0vda.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f6f907fc1874a0351119ab789113ab60fb0347fc6e06d55d1c3d053ac2b41b5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 10:46:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Aug 2021 10:24:17 GMT
server
cloudflare
age
4494
etag
W/"61276bd1-55e63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSTsnDXSaGDawosAWg7OKpJ6EBFbwEtDnJ6mS0sDiKJuVSELDAadJfJK8C7l9LmhNyaNsKtOxVzBPxl9yGYnS4E2OK4vscTLzNItvlWvHUqzIm8nl%2BqWDzwA%2F2jjygus6WhLx1gu0V8a95RMpVoup%2F57%2BEEM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
688627dabdfc5b38-FRA
tururu.mp3
widget-v4.tidiochat.com// Frame D353
7 KB
7 KB
Media
General
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 02 Sep 2021 10:46:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2036843
Content-Range
bytes 0-7223/7224
Content-Length
7224
pragma
public
last-modified
Mon, 21 Jun 2021 10:08:24 GMT
server
cloudflare
etag
"60d06518-1c38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHubdUFNQbEmgV%2Ff5mPd9UVyhPUP2AmZq5w0NCOdiaWc4q19xAExhwb43QCDUl6rV8il7K6RWelaeN4PTUrqVVCPujlIVcfR0SLKXsyCgo%2BVj9VOp6L654etIkjB8ssy5HsCXHeqPC3wb4jzCnQblyyu9rDH"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
688627dade445b38-FRA
expires
Mon, 23 Aug 2021 20:59:15 GMT
widget.949ddb143ac406a274a2.js
widget-v4.tidiochat.com//1_74_0/static/js/ Frame D353
505 KB
157 KB
Script
General
Full URL
https://widget-v4.tidiochat.com//1_74_0/static/js/widget.949ddb143ac406a274a2.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/b1ce0szjxvusn7pm4vu2aelocdxj0vda.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
addbaab1c14d8bd988473c5d5b21a3a1ee703c8da25bdd1f2f29a8d2849be4ed

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 10:46:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Aug 2021 10:25:42 GMT
server
cloudflare
age
4494
etag
W/"61276c26-7e41b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Se6pWtW0KO8VTlMz3OdUyflY%2FF688jetFxzaC5pwMLTMDs2PbA3KHQzSLsT21vnLeIAdvm%2F%2Fcje4KC4NHccj761dtIh%2FBNK9yERRBoUZORvukZ6777pdJ2GR3pbI7xWFPSl03YUZIHSmFmmoI1d3ZYqEvyOM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
688627dafe6c5b38-FRA
tururu.mp3
widget-v4.tidiochat.com// Frame D353
7 KB
7 KB
Media
General
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Requested by
Host: www.store.secure.jokersstash.ws
URL: https://www.store.secure.jokersstash.ws/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 02 Sep 2021 10:46:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2036843
Content-Range
bytes 0-7223/7224
Content-Length
7224
pragma
public
last-modified
Mon, 21 Jun 2021 10:08:24 GMT
server
cloudflare
etag
"60d06518-1c38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2UzJqEMjO8jZh7hGi2aYYDieINvY3FAxsNuVRQXvwbW1B6nu1GjcA2PjokBhy6Yg81Sl7V4jBguu2kFj7fGjhdLSqu3Md3qepAR97YWAuB4uTXVmYXktP3kDjJCnYkG2nRzi4XKfbvzr5FIAtoZfhED1pyx"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
688627db6f3a5b38-FRA
expires
Mon, 23 Aug 2021 20:59:15 GMT
check.png
www.store.secure.jokersstash.ws/img/
363 B
502 B
Image
General
Full URL
https://www.store.secure.jokersstash.ws/img/check.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.189 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
9a61d6aabea38ed8713f7e3fbe6c4f758690447204d326434f78097665c48599
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/img/check.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.store.secure.jokersstash.ws
referer
https://www.store.secure.jokersstash.ws/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 31 Aug 2021 18:27:16 GMT
server
ddos-guard
age
6
etag
"16b-5cadf19690f4e"
content-type
image/png
date
Thu, 02 Sep 2021 10:46:38 GMT
set-cookie
__ddg1=RZ7B4Jn9OASxKOXVkr7s; Domain=.jokersstash.ws; HttpOnly; Path=/; Expires=Fri, 02-Sep-2022 10:46:44 GMT
accept-ranges
bytes
content-length
363
check.png
www.store.secure.jokersstash.ws/img/
363 B
503 B
Image
General
Full URL
https://www.store.secure.jokersstash.ws/img/check.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.189 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
9a61d6aabea38ed8713f7e3fbe6c4f758690447204d326434f78097665c48599
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:path
/img/check.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.store.secure.jokersstash.ws
referer
https://www.store.secure.jokersstash.ws/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.store.secure.jokersstash.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Tue, 31 Aug 2021 18:27:16 GMT
server
ddos-guard
age
10
etag
"16b-5cadf19690f4e"
content-type
image/png
date
Thu, 02 Sep 2021 10:46:38 GMT
set-cookie
__ddg1=AElWAXJZdeXZgmeQfgdF; Domain=.jokersstash.ws; HttpOnly; Path=/; Expires=Fri, 02-Sep-2022 10:46:48 GMT
accept-ranges
bytes
content-length
363

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| SENTRY_RELEASE
object| tidioChatApi
function| $
function| jQuery
function| copy

3 Cookies

Domain/Path Name / Value
.www.store.secure.jokersstash.ws/ Name: __ddgmark
Value: QsRuSa9pPgrDx5Rs
.www.store.secure.jokersstash.ws/ Name: __ddgid
Value: 6C3PYnwW04eNwy7y
.jokersstash.ws/ Name: __ddg1
Value: LceUXq1neW632KqxN4nt

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
