www.presidenthump.lol Open in urlscan Pro
52.17.119.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://jeko.lol/
Effective URL:
https://www.presidenthump.lol/
Submission: On May 14 via api (May 14th 2024, 9:46:26 pm UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 13 HTTP transactions. The main IP is 52.17.119.105, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.presidenthump.lol.
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.

This is the only time www.presidenthump.lol was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	75.2.70.75 75.2.70.75	16509 (AMAZON-02) (AMAZON-02)
1 1	34.249.200.254 34.249.200.254	16509 (AMAZON-02) (AMAZON-02)
1	52.17.119.105 52.17.119.105	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:20a... 2600:9000:20ae:f600:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.34.60 108.138.34.60	16509 (AMAZON-02) (AMAZON-02)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.173.187.111 18.173.187.111	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
1	172.67.194.57 172.67.194.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
13	8

1 75.2.70.75 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aacb0a264e514dd48.awsglobalaccelerator.com

jeko.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.200.254 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-200-254.eu-west-1.compute.amazonaws.com

www.jeko.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.119.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-119-105.eu-west-1.compute.amazonaws.com

www.presidenthump.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20ae:f600:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.34.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-34-60.muc50.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

eocampaign1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-111.muc50.r.cloudfront.net

uploads-ssl.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.194.57 (United States)

ASN13335 (CLOUDFLARENET, US)

gallery.eo.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	website-files.com assets-global.website-files.com — Cisco Umbrella Rank: 6282	178 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	986 B
2	jeko.lol 2 redirects jeko.lol www.jeko.lol	314 B
1	gstatic.com www.gstatic.com	202 KB
1	eo.page gallery.eo.page — Cisco Umbrella Rank: 206008	32 KB
1	webflow.com uploads-ssl.webflow.com — Cisco Umbrella Rank: 13850	10 KB
1	eocampaign1.com eocampaign1.com — Cisco Umbrella Rank: 158241	36 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
1	presidenthump.lol www.presidenthump.lol	3 KB
13	9

	Domain	Requested by
4	assets-global.website-files.com	www.presidenthump.lol
3	www.google.com	eocampaign1.com www.gstatic.com
1	www.gstatic.com	www.google.com
1	gallery.eo.page	www.presidenthump.lol
1	uploads-ssl.webflow.com	assets-global.website-files.com
1	eocampaign1.com	www.presidenthump.lol
1	d3e54v103j8qbb.cloudfront.net	www.presidenthump.lol
1	www.presidenthump.lol
1	www.jeko.lol	1 redirects
1	jeko.lol	1 redirects
13	10

This site contains links to these domains. Also see Links.

Domain
t.me
twitter.com
emailoctopus.com

Subject Issuer	Validity	Valid
www.presidenthump.lol R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh
*.website-files.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-08`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
eocampaign1.com GTS CA 1P5	`2024-04-24` - `2024-07-23`	3 months	crt.sh
uploads-ssl.webflow.com Amazon RSA 2048 M02	`2023-07-29` - `2024-08-26`	a year	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
eo.page E1	`2024-04-11` - `2024-07-10`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.presidenthump.lol/
Frame ID: FA5812FCB22E13171AF9B218AC86C7E0
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6&co=aHR0cHM6Ly93d3cucHJlc2lkZW50aHVtcC5sb2w6NDQz&hl=de&type=image&v=vjbW55W42X033PfTdVf6Ft4q&theme=light&size=invisible&cb=1kf3bfd5cw6z
Frame ID: C534AC89766472895EBF21D740AD0049
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vjbW55W42X033PfTdVf6Ft4q&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6
Frame ID: 96B36EB6DA5DCD45A46465DBF7F56E84
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PRESIDENT HUMP

Page URL History Show full URLs

https://jeko.lol/ HTTP 301
https://www.jeko.lol/ HTTP 301
https://www.presidenthump.lol/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

13
Requests

100 %
HTTPS

20 %
IPv6

9
Domains

10
Subdomains

8
IPs

4
Countries

492 kB
Transfer

1580 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/presidenthump
Title: TELEGRAM

Search URL Search Domain Scan URL

URL: https://twitter.com/presidenthumps
Title: TWITTER

Search URL Search Domain Scan URL

URL: https://emailoctopus.com/?utm_source=powered_by_form&utm_medium=user_referral
Title: EmailOctopus

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://jeko.lol/ HTTP 301
https://www.jeko.lol/ HTTP 301
https://www.presidenthump.lol/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.presidenthump.lol/
Redirect Chain

https://jeko.lol/
https://www.jeko.lol/
https://www.presidenthump.lol/

6 KB
3 KB

242ms
59ms

Document
text/html

52.17.119.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.presidenthump.lol/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.17.119.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-119-105.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6b8ed1975e5a100c6e3b1acac2c59b7fd1566894289a5e9723074db523fd7e1d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 5029
content-encoding: gzip
content-length: 2536
content-type: text/html
date: Tue, 14 May 2024 21:46:22 GMT
vary: x-wf-forwarded-proto, Accept-Encoding
x-cache: HIT
x-cache-hits: 0
x-cluster-name: eu-west-1-prod-hosting-red
x-lambda-id: 77b95760-fe49-4891-b830-63e4b15f180e
x-served-by: cache-dub4356-DUB
x-timer: S1715723182.460336,VS0,VE2

Redirect headers

accept-ranges: bytes
cache-control: private
content-length: 166
content-type: text/html
date: Tue, 14 May 2024 21:46:22 GMT
location: https://www.presidenthump.lol/
vary: x-wf-forwarded-proto
x-cache: MISS
x-cache-hits: 0
x-cluster-name: eu-west-1-prod-hosting-red
x-served-by: cache-dub4354-DUB
x-timer: S1715723182.922496,VS0,VE128

GET
H2 200 bee-a2af3b.webflow.49ba54897.css
assets-global.website-files.com/663bdc9f928a89b53fdffdec/css/ 73 KB
14 KB 199ms
48ms Stylesheet
text/css 2600:9000:20ae:f600:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/663bdc9f928a89b53fdffdec/css/bee-a2af3b.webflow.49ba54897.css
Requested by: Host: www.presidenthump.lol
URL: https://www.presidenthump.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:f600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2fa16f2968a8374034bfc5c7b6dec36341ea480a70c84effdf31c0194811c70

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.presidenthump.lol/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 20:02:09 GMT
content-encoding: gzip
via: 1.1 86f0f41c4d8083f2bfc3d1c3d9719bbc.cloudfront.net (CloudFront)
x-amz-version-id: JPoi0rMN7zpL8X1PtvkeOt8baLd0W6Zk
age: 6254
x-amz-cf-pop: MUC50-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 13826
last-modified: Tue, 14 May 2024 19:58:54 GMT
server: AmazonS3
etag: "edda003118f231e5d027ff889ce06ad9"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ZNRilVQoNwyv8CA2gLwffXIsZETEhYPli7PjmwWG-jJkNAEhZOAspA==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
30 KB 159ms
55ms Script
application/javascript 108.138.34.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=663bdc9f928a89b53fdffdec
Requested by: Host: www.presidenthump.lol
URL: https://www.presidenthump.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.34.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-34-60.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.presidenthump.lol/
Origin: https://www.presidenthump.lol
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 07:05:24 GMT
content-encoding: br
via: 1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
age: 52859
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: xRKoIJHzseAwuDbx5H0JUeq_9Oh9af_Unt-hAzPETiqW3yfmfmsqbA==

GET
H2 200 webflow.1bae7c019.js Show response
assets-global.website-files.com/663bdc9f928a89b53fdffdec/js/ 538 KB
99 KB 225ms
75ms Script
text/javascript 2600:9000:20ae:f600:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/663bdc9f928a89b53fdffdec/js/webflow.1bae7c019.js
Requested by: Host: www.presidenthump.lol
URL: https://www.presidenthump.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:f600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6d72405e3d02c42da38aaff12d688a8af640fa69e9bb9b67df26e27f1850032

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.presidenthump.lol/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: WG71.zPwuFn6BwJGmEVA_CUv7oF_m9qY
content-encoding: gzip
via: 1.1 86f0f41c4d8083f2bfc3d1c3d9719bbc.cloudfront.net (CloudFront)
date: Tue, 14 May 2024 20:02:09 GMT
age: 6254
x-amz-cf-pop: MUC50-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 100932
last-modified: Sun, 12 May 2024 00:43:34 GMT
server: AmazonS3
etag: "df566325a8bad920790f594cda8d0f3c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ocyiy-boIpQZipDtgvSMpjzfWb_ZI0ZLSiLYSvuc87eNO7KN3H2Nsw==

GET
H3 200 38ce8196-9418-11ec-9258-0241b9615763.js Show response
eocampaign1.com/form/ 255 KB
36 KB 308ms
242ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eocampaign1.com/form/38ce8196-9418-11ec-9258-0241b9615763.js

Requested by

Host: www.presidenthump.lol
URL: https://www.presidenthump.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08abc2ed3caffbe982afc80beff467ad3236f5c1d76a8901f8f9bcb2f943a173

Security Headers

Name	Value
Content-Security-Policy	default-src *;img-src 'self';font-src 'self' https://fonts.gstatic.com;style-src 'self' https://fonts.googleapis.com 'unsafe-inline';script-src 'strict-dynamic' 'nonce-vy1hKFIeA8gSaI6tH6IfkengoPc=' https: 'unsafe-inline';frame-src https://www.google.com/recaptcha/;base-uri 'none';object-src 'none';report-to main-endpoint;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.presidenthump.lol/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:46:22 GMT
content-security-policy: default-src *;img-src 'self';font-src 'self' https://fonts.gstatic.com;style-src 'self' https://fonts.googleapis.com 'unsafe-inline';script-src 'strict-dynamic' 'nonce-vy1hKFIeA8gSaI6tH6IfkengoPc=' https: 'unsafe-inline';frame-src https://www.google.com/recaptcha/;base-uri 'none';object-src 'none';report-to main-endpoint;
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
reporting-endpoints: main-endpoint="http://eocampaign1.com/csp-report"
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1V2aZqyNNmu6GKsQqKVDYjK5EkbvErpL%2FIMQVLgVGxWEjAEKfzbnNT6OCwdp46%2F437dJvnMOn2%2B6vNOvPLH6bh74Ir6p63siN8N13Q%2FccVPiBgn74pTly8CV0QXv4%2BmfpY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
permissions-policy: camera=(), display-capture=(), geolocation=(), microphone=()
cf-ray: 883e14a46c1f1e30-FRA

GET
H2 200 6643c032f0b153bf11795b2e_PWCartoonist.ttf
uploads-ssl.webflow.com/663bdc9f928a89b53fdffdec/ 19 KB
10 KB 153ms
49ms Font
application/x-font-ttf 18.173.187.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/663bdc9f928a89b53fdffdec/6643c032f0b153bf11795b2e_PWCartoonist.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/663bdc9f928a89b53fdffdec/css/bee-a2af3b.webflow.49ba54897.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-111.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69de59ca456c5f9a830b78f2a45aa9a92ff0ad1029f581aa4ef63cf20df4ff24

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets-global.website-files.com/
Origin: https://www.presidenthump.lol
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 20:02:10 GMT
x-amz-version-id: sbYz702M61N8tbd1_VlOgQEbXGG1NbSi
content-encoding: br
via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
age: 6253
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 14 May 2024 19:49:07 GMT
server: AmazonS3
etag: W/"aa64421ece5a3ff7dfb0b299eb0e6062"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: 0x7-j4FZvNFsNG1oZcbQ2EGWVEen_Wfx6EWKIIa6cKVkuY6kV0sEaw==

GET
H2 200 6643c0158726c90675edbc3e_image535355-p-800.png
assets-global.website-files.com/663bdc9f928a89b53fdffdec/ 62 KB
63 KB 92ms
91ms Image
image/png 2600:9000:20ae:f600:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/663bdc9f928a89b53fdffdec/6643c0158726c90675edbc3e_image535355-p-800.png
Requested by: Host: www.presidenthump.lol
URL: https://www.presidenthump.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:f600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe2e307776c29adf419638b7b134ec86effe82b9bdd8350e8cb25e2ff3d3c2fd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.presidenthump.lol/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 20:02:10 GMT
x-amz-version-id: LDk.kuopWPeN1tITo_BDv8M_DBsA1HCT
via: 1.1 86f0f41c4d8083f2bfc3d1c3d9719bbc.cloudfront.net (CloudFront)
age: 6253
x-amz-cf-pop: MUC50-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 63478
last-modified: Tue, 14 May 2024 19:48:40 GMT
server: AmazonS3
etag: "ef0fc62561cd74e2b8ce3e72f2dd5a90"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ff6ZpJ30FBoaoo-eR_xJvQXxMLoO1n4D4qYBlKSvuAn18FUICiVR6g==

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
986 B 138ms
57ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=loadRecaptchaFor38ce8196941811ec92580241b9615763&render=explicit

Requested by

Host: eocampaign1.com
URL: https://eocampaign1.com/form/38ce8196-9418-11ec-9258-0241b9615763.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

07f1ab2837f1cc8821516bc0b574b08ae951e36b6dfe575c93925493655427da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.presidenthump.lol/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:46:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 14 May 2024 21:46:23 GMT

GET
H3 200 4319ea62-9417-11ec-9258-0241b9615763%2F1645559656634-61f95385f2347ad98656abec_Compost.jpg
gallery.eo.page/ 32 KB
32 KB 290ms
210ms Image
image/jpeg 172.67.194.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gallery.eo.page/4319ea62-9417-11ec-9258-0241b9615763%2F1645559656634-61f95385f2347ad98656abec_Compost.jpg
Requested by: Host: www.presidenthump.lol
URL: https://www.presidenthump.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebe5d28165f59df984e4979275f799741dd45e3141b340742a137ed27017dfff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.presidenthump.lol/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:46:23 GMT
x-amz-version-id: null
via: 1.1 f3d587359f8c9909f005910fc81a0b36.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR50-P8
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 32274
last-modified: Tue, 22 Feb 2022 19:54:17 GMT
server: cloudflare
etag: "22a1d044a3d31dbcad40d0e80ff31670"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6ghrdl%2FUxaJLby3npV64elQi0cwftgYkUxH39CyqbzpWXH%2BjZRlnKc8bb0mCi1Y50j91XPV0DZd9TpHTPvY9quHfB8dhsTheeQ67ulMCtBhkmE6lPwVvxL4RqAR%2BGLzogg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 883e14a71b793810-FRA
x-amz-cf-id: lFJIN7y3vaOwcse5vEU6SgiuJuRUuuD8hNkY5Me994sFrPv2_KqNjg==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/ 505 KB
202 KB 185ms
38ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=loadRecaptchaFor38ce8196941811ec92580241b9615763&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.presidenthump.lol/
Origin: https://www.presidenthump.lol
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206091
x-xss-protection: 0
last-modified: Sun, 05 May 2024 20:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 May 2025 21:32:27 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame C534 0
0 146ms
64ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6&co=aHR0cHM6Ly93d3cucHJlc2lkZW50aHVtcC5sb2w6NDQz&hl=de&type=image&v=vjbW55W42X033PfTdVf6Ft4q&theme=light&size=invisible&cb=1kf3bfd5cw6z

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-04x57FW_cRQr5j3dXI7yOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.presidenthump.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-04x57FW_cRQr5j3dXI7yOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 May 2024 21:46:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 6643c0da94beffe9ce2ff3e2_download-compresskaru.com%20(7).png
assets-global.website-files.com/663bdc9f928a89b53fdffdec/ 2 KB
2 KB 85ms
85ms Other
image/png 2600:9000:20ae:f600:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/663bdc9f928a89b53fdffdec/6643c0da94beffe9ce2ff3e2_download-compresskaru.com%20(7).png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:f600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ddb54f7d5534643736cab617c5140b3196aea1276bcdf6109cd3373f7061a9a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.presidenthump.lol/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 20:02:10 GMT
x-amz-version-id: MgLTnlE84VsqzF_ymyP_JSx5wsrXBYoe
via: 1.1 86f0f41c4d8083f2bfc3d1c3d9719bbc.cloudfront.net (CloudFront)
age: 6255
x-amz-cf-pop: MUC50-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1875
last-modified: Tue, 14 May 2024 19:51:55 GMT
server: AmazonS3
etag: "80b9fb0f7bd806d62adf55a137bd2352"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: fRxFKscPrHbLA9vxZrJXOlVXswpFu6Ek36VLS3SLkFdhcyWfxOhTRg==

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 96B3 0
0 51ms
50ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=vjbW55W42X033PfTdVf6Ft4q&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zQVjB3Za6DOakxTBArad_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.presidenthump.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zQVjB3Za6DOakxTBArad_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 May 2024 21:46:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-21 00:54:35	Name: _GRECAPTCHA Value: 09AGaHCq9pmKWQFb8Xloj17Rd4NqEts-F0tQDJ4GLNTPhdRXTO6ktQhKD6snpaF0k2exHi9ZVSCqh3Tkc5wj5PqdU

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.presidenthump.lol/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.presidenthump.lol/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-global.website-files.com
d3e54v103j8qbb.cloudfront.net
eocampaign1.com
gallery.eo.page
jeko.lol
uploads-ssl.webflow.com
www.google.com
www.gstatic.com
www.jeko.lol
www.presidenthump.lol
108.138.34.60
142.250.186.68
172.67.194.57
18.173.187.111
188.114.97.3
2600:9000:20ae:f600:12:9e5f:cac0:93a1
2a00:1450:4001:806::2003
34.249.200.254
52.17.119.105
75.2.70.75
07f1ab2837f1cc8821516bc0b574b08ae951e36b6dfe575c93925493655427da
08abc2ed3caffbe982afc80beff467ad3236f5c1d76a8901f8f9bcb2f943a173
0ddb54f7d5534643736cab617c5140b3196aea1276bcdf6109cd3373f7061a9a
4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0
69de59ca456c5f9a830b78f2a45aa9a92ff0ad1029f581aa4ef63cf20df4ff24
6b8ed1975e5a100c6e3b1acac2c59b7fd1566894289a5e9723074db523fd7e1d
d2fa16f2968a8374034bfc5c7b6dec36341ea480a70c84effdf31c0194811c70
e6d72405e3d02c42da38aaff12d688a8af640fa69e9bb9b67df26e27f1850032
ebe5d28165f59df984e4979275f799741dd45e3141b340742a137ed27017dfff
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe2e307776c29adf419638b7b134ec86effe82b9bdd8350e8cb25e2ff3d3c2fd

www.presidenthump.lol Open in urlscan Pro 52.17.119.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

20 %IPv6

9 Domains

10 Subdomains

8 IPs

4 Countries

492 kBTransfer

1580 kBSize

1 Cookies

3 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

www.presidenthump.lol Open in urlscan Pro
52.17.119.105 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

20 %
IPv6

9
Domains

10
Subdomains

8
IPs

4
Countries

492 kB
Transfer

1580 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions