Submitted URL: https://wickedpassword.com/
Effective URL: https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer=
Submission Tags: phishingrod
Submission: On October 20 via api from DE — Scanned from US

Summary

This website contacted 13 IPs in 2 countries across 12 domains to perform 61 HTTP transactions. The main IP is 104.26.6.229, located in and belongs to CLOUDFLARENET, US. The main domain is lp.wicked.com.
TLS certificate: Issued by WE1 on September 3rd 2024. Valid for: 3 months.
This is the only time lp.wicked.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 172.67.206.185 13335 (CLOUDFLAR...)
1 1 172.67.75.124 13335 (CLOUDFLAR...)
1 11 104.26.6.229 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 207.244.73.1 30633 (LEASEWEB-...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.35.93.73 16509 (AMAZON-02)
1 104.26.6.210 13335 (CLOUDFLAR...)
2 18.238.49.90 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 18.238.49.108 16509 (AMAZON-02)
1 2600:9000:261... ()
61 13
Apex Domain
Subdomains
Transfer
11 wicked.com
www.wicked.com
lp.wicked.com
163 KB
4 gammacdn.com
static01-cms-fame.gammacdn.com — Cisco Umbrella Rank: 586269
ctf-images.gammacdn.com — Cisco Umbrella Rank: 972123
transform.gammacdn.com Failed
videothumb.gammacdn.com Failed
3 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683 Failed
cloudflareinsights.com — Cisco Umbrella Rank: 662
7 KB
2 amazonaws.com
3tt0xhv5u7.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 920033
825 B
2 algolia.net
wp8q3hdhdz-dsn.algolia.net — Cisco Umbrella Rank: 619695
tsmkfa364q-dsn.algolia.net — Cisco Umbrella Rank: 586364
3 KB
2 wickedpassword.com
wickedpassword.com
2 KB
1 cloudfront.net
d3a3ewgd1iewwz.cloudfront.net Failed
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
90 KB
1 gammaentertainment.com
www.gammaentertainment.com — Cisco Umbrella Rank: 542373
8 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
948 B
1 g2fame.com
www.g2fame.com — Cisco Umbrella Rank: 627431
532 B
0 google-analytics.com Failed
www.google-analytics.com Failed
61 12
Domain Requested by
9 lp.wicked.com lp.wicked.com
3 ctf-images.gammacdn.com
2 3tt0xhv5u7.execute-api.us-east-1.amazonaws.com lp.wicked.com
2 cloudflareinsights.com static.cloudflareinsights.com
2 www.wicked.com 1 redirects lp.wicked.com
2 wickedpassword.com
1 d3a3ewgd1iewwz.cloudfront.net lp.wicked.com
1 tsmkfa364q-dsn.algolia.net lp.wicked.com
1 www.googletagmanager.com wickedpassword.com
www.googletagmanager.com
1 www.gammaentertainment.com lp.wicked.com
1 static01-cms-fame.gammacdn.com
1 wp8q3hdhdz-dsn.algolia.net lp.wicked.com
1 static.cloudflareinsights.com lp.wicked.com
1 fonts.googleapis.com lp.wicked.com
1 www.g2fame.com 1 redirects
0 www.google-analytics.com Failed www.googletagmanager.com
0 videothumb.gammacdn.com Failed
0 transform.gammacdn.com Failed lp.wicked.com
61 18

This site contains links to these domains.

Domain
www.wicked.com
epoch.com
cs.segpay.com
form.jotform.com
www.asacp.org
www.rtalabel.org
Subject | Issuer | Validity | Valid
wickedpassword.com | WE1 | 2024-10-19 - 2025-01-17 | 3 months
wicked.com | WE1 | 2024-09-03 - 2024-12-02 | 3 months
upload.video.google.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months
cloudflareinsights.com | WE1 | 2024-09-03 - 2024-12-02 | 3 months
algolia.net | Sectigo RSA Organization Validation Secure Server CA | 2024-01-04 - 2025-02-02 | a year
*.gammacdn.com | Amazon RSA 2048 M03 | 2024-06-16 - 2025-07-14 | a year
gammaentertainment.com | WE1 | 2024-09-04 - 2024-12-03 | 3 months
*.execute-api.us-east-1.amazonaws.com | Amazon RSA 2048 M02 | 2024-06-16 - 2025-07-14 | a year
*.google-analytics.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year

This page contains 2 frames:

Primary Page: https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer=
Frame ID: F39151C6894C3A099BEFCE36E66D9F3C
Requests: 63 HTTP requests in this frame

Frame: https://www.wicked.com/track/go.php?si=371&noredirect=true&disableRouting=1&cs=lp&referer_url=https://wickedpassword.com/&ad=212006&gallery_id=lp_f8fff884-4cc9-4301-830e-5b11a2cc5b39&su=1
Frame ID: 12443D1735A36A14AC8F33BC6CDF67FF
Requests: 1 HTTP requests in this frame

Page Title

Wicked Comix | Wicked Fairy Tales

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

  • Requests: 61
  • HTTPS: 44 %
  • IPv6: 38 %
  • Domains: 12
  • Subdomains: 18
  • IPs: 13
  • Countries: 2
  • Transfer: 277 kB
  • Size: 929 kB
  • Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wickedpassword.com/ Page URL
  2. https://www.g2fame.com/wicked/go.php?pr=8&su=1&si=371&ad=212006&cs=/lp&cl=/aff_wicked_parodies&ar=&buffer= HTTP 301
    https://www.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212006&cs=/lp&cl=/aff_wicked_parodies&ar=&buffer= HTTP 301
    https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
wickedpassword.com/
214 B
876 B
Document
General
Full URL
https://wickedpassword.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1367ec113dcffe1e36b18519252cd4df773637572c821895f7d8a0b0050ae640

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d55e32a7af57c03-LAX
content-encoding
zstd
content-type
text/html
date
Sun, 20 Oct 2024 03:23:07 GMT
last-modified
Tue, 07 May 2024 10:05:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F9lyrSToJAOsuvMOzYre3arrWSc%2BarS3DvGAviwDCcW9eoNz9uRQ9qV1Xut4odLJTI0Lg9NQp877ALuqUMVMx%2FEkkJCrzkJP3Yk2erStrov07lErXkPHyg9iw9lQYbrlq15fOVc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=69932&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4147&recv_bytes=4487&delivery_rate=297&cwnd=12000&unsent_bytes=0&cid=dac71e1f072ea365&ts=509&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding
x-accel-version
0.01
x-powered-by
PleskLin
Primary Request go.php
lp.wicked.com/track/
Redirect Chain
  • https://www.g2fame.com/wicked/go.php?pr=8&su=1&si=371&ad=212006&cs=/lp&cl=/aff_wicked_parodies&ar=&buffer=
  • https://www.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212006&cs=/lp&cl=/aff_wicked_parodies&ar=&buffer=
  • https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer=
1 KB
941 B
Document
General
Full URL
https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0070708c1a11c0f8b879658ea275c54e3bb4b9fd68855f761084b0ff291a9fd8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wickedpassword.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d55e3344e2869aa-LAX
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 20 Oct 2024 03:23:09 GMT
link
<wp8q3hdhdz-dsn.algolia.net>; rel="preconnect"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BPNQOfnI0lEAZDsSWToTkQ7zC8nqD1%2Fn1DZ1skJGNqjmiKv22YClSy%2F7Q848CJ6uWF1gnaMb7A2P%2BJWLLDSs9AzMDJOvWMtUL%2BLwXW%2BTwGbxO24%2BnWxDPZSaaR2kpCZ1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8d55e3316aab69aa-LAX
content-type
text/html; charset=UTF-8
date
Sun, 20 Oct 2024 03:23:08 GMT
location
https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LpouKThEY22Pfi6M8mph0%2FuEEZLnrHrUNsMlyYBjQOx3%2FRyplxtHGXXc%2F%2FYUUKsOx%2Fc%2BHpNXtIkYdf%2BoER2IkH6VhWW6bDe%2FUTLsUbB9V87PofjrvTvntNOw3gxeQS92"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
favicon.ico
wickedpassword.com/
209 B
826 B
Other
General
Full URL
https://wickedpassword.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://wickedpassword.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lcJywFe%2BhldlcwBhb3FbvNxV2sd6yUy%2FVCsD3VxlH7b0LtX1GryI5hdHO7UYel%2BVq2vdOokh7C2kqTOQX1r6t753IRqH8yBnikVjIfe3TQxAz67DK%2BHsnSdA4hdAPgGDtJan5wA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d55e32ddec87c03-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=69936&sent=14&recv=12&lost=0&retrans=0&sent_bytes=5094&recv_bytes=4878&delivery_rate=13190&cwnd=12000&unsent_bytes=0&cid=dac71e1f072ea365&ts=1053&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 03:23:08 GMT
content-type
text/html; charset=iso-8859-1
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
main.6530ace7.css
lp.wicked.com/static/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://lp.wicked.com/static/css/main.6530ace7.css
Requested by
Host: lp.wicked.com
URL: https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c8832bb23cb3e199eb0c226b459947d0702d0de69928a80781bc7015c46311
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer=

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"dd30e2b39a50e578a65848f1f22ab62a"
age
1328
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RB%2BW42Vu7sIBOEQ12B7Z4VP4EeG4nIM7d5zqW%2Bw1EE02LdI57KDQKwZ%2B0tDEkigM1W1%2FUiPmur%2FTncTaMEitU5OuoJ%2BcWVlR%2Bdjwi67ajWd1WzCO1nYfONYQ8YlL4UvH"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d55e33618b769aa-LAX
access-control-allow-origin
*
date
Sun, 20 Oct 2024 03:23:09 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
rocket-loader.min.js
lp.wicked.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://lp.wicked.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.wicked.com
URL: https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer=

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"670fb497-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M5Fujx%2BJErJ8r9ZtPUE4i7jR38PltV6qG8A%2B6N1rLeVaRbo8Aj9%2FFG1FcRWMC8zknj6YU%2BnNLUUNxNiba9G%2BKVACXd1FgXNuywQN%2Bff3JPJUucRCEqgwpjbDV979YQY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d55e33618ba69aa-LAX
expires
Tue, 22 Oct 2024 03:23:09 GMT
date
Sun, 20 Oct 2024 03:23:09 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 12:41:59 GMT
server
cloudflare
vary
Accept-Encoding
css2
fonts.googleapis.com/
2 KB
948 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Hind:wght@600;700&display=swap
Requested by
Host: lp.wicked.com
URL: https://lp.wicked.com/static/css/main.6530ace7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9484490e74fc09892477068135df429b417217c0c0093a3de67f7436f61b33b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 20 Oct 2024 03:23:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 03:23:09 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 20 Oct 2024 03:13:11 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
beacon.min.js
static.cloudflareinsights.com/
0
0

main.a0a12aed.js
lp.wicked.com/static/js/
439 KB
143 KB
Script
General
Full URL
https://lp.wicked.com/static/js/main.a0a12aed.js
Requested by
Host: lp.wicked.com
URL: https://lp.wicked.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a137fde62dd1f9bb9cca84be64780cbfe1b51ec5a5eecd9ca7a28b239bad11a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer=

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"a37d74709f79338d8c9cfefd34a6c7f4"
age
1327
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aQG8wcVyuqXz6%2BO7XvhVs2n05VwKs8N9IfidsRzOxHzODvgd0G2EbO3CjjcWNq7hK%2Bk09n23pgBMOY8ST4QXQFUAYe1uvec%2BeINm39q72jFAnMd7vuJ050CMMRZjqw5d"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d55e3399d1169aa-LAX
access-control-allow-origin
*
date
Sun, 20 Oct 2024 03:23:09 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
favicon.ico
lp.wicked.com/
1 KB
804 B
Other
General
Full URL
https://lp.wicked.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d36d1d0a945427f38573f5d35f6634b2f60b3d2da0efbbb46c89dc66ddb25c8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer=

Response headers

link
<wp8q3hdhdz-dsn.algolia.net>; rel="preconnect"
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SCuqXl8lnMumLMhJk%2BlKurkejnnu4Sw8oIdhqij7%2BTIUSvHj6W9ySn8hH7Q4ypdaKAQujuFfcuTMaB3wayNUqLn0AsE%2BR4ZtcuF%2BEu9lPcW72rTISJ%2BHClcGkXZv20vc"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d55e339ad1769aa-LAX
access-control-allow-origin
*
date
Sun, 20 Oct 2024 03:23:09 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
last-modified
Sun, 20 Oct 2024 03:23:09 GMT
beacon.min.js
static.cloudflareinsights.com/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: lp.wicked.com
URL: https://lp.wicked.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8d55e33c2ec81025-LAX
access-control-allow-origin
*
date
Sun, 20 Oct 2024 03:23:10 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
queries
wp8q3hdhdz-dsn.algolia.net/1/indexes/*/
3 KB
2 KB
XHR
General
Full URL
https://wp8q3hdhdz-dsn.algolia.net/1/indexes/*/queries?x-algolia-agent=Algolia%20for%20JavaScript%20(3.35.1)%3B%20Browser%20(lite)&x-algolia-application-id=WP8Q3HDHDZ&x-algolia-api-key=269ee080941929e3829f27dc3a7fd46b
Requested by
Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.a0a12aed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.244.73.1 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx /
Resource Hash
ed27286c1eef6368b7b8fd34ef6f0108f450099248dbe8e79699e77d6d4c18a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.wicked.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json
content-type
application/x-www-form-urlencoded

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cache-Control
no-store
Timing-Allow-Origin
*
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
X-Alg-PT
1
Accept-Encoding
deflate, gzip
Date
Sun, 20 Oct 2024 03:23:10 GMT
Content-Type
application/json; charset=UTF-8
Content-Disposition
inline; filename=a.txt
Server
nginx
favicon.ico
lp.wicked.com/
1 KB
0
Other
General
Full URL
https://lp.wicked.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d36d1d0a945427f38573f5d35f6634b2f60b3d2da0efbbb46c89dc66ddb25c8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/aff_wicked_parodies?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer=

Response headers

link
<wp8q3hdhdz-dsn.algolia.net>; rel="preconnect"
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SCuqXl8lnMumLMhJk%2BlKurkejnnu4Sw8oIdhqij7%2BTIUSvHj6W9ySn8hH7Q4ypdaKAQujuFfcuTMaB3wayNUqLn0AsE%2BR4ZtcuF%2BEu9lPcW72rTISJ%2BHClcGkXZv20vc"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d55e339ad1769aa-LAX
access-control-allow-origin
*
date
Sun, 20 Oct 2024 03:23:09 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
last-modified
Sun, 20 Oct 2024 03:23:09 GMT
rum
cloudflareinsights.com/cdn-cgi/
0
37 B
XHR
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://lp.wicked.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8d55e33e486c0929-LAX
access-control-allow-origin
https://lp.wicked.com
date
Sun, 20 Oct 2024 03:23:10 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
rum
cloudflareinsights.com/cdn-cgi/ Frame
0
0
Preflight
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lp.wicked.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://lp.wicked.com
access-control-max-age
86400
cf-ray
8d55e33dcfb30929-LAX
content-encoding
gzip
content-type
text/plain
date
Sun, 20 Oct 2024 03:23:10 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
scenegrid.becff798.chunk.css
lp.wicked.com/static/css/
337 B
591 B
Stylesheet
General
Full URL
https://lp.wicked.com/static/css/scenegrid.becff798.chunk.css
Requested by
Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.a0a12aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d1560df5054619fb8913015df9c008b66466fd1833624c2b69e27df38381e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/aff_wicked_parodies?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer=

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"ba7b48ba036f4f61ab163662461816a2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1oQvt1v5pRRPNmjGBQxPxUh8A3c22YMrkQdh4b2czSpXLMpiaOprMZ7X%2F555vR7SXgIQ%2ByAfAWIoIvZ62qpXjKYmrR%2B9daF69xEUEbT5xJPIBuEfK2duoqgOcbJCD7sq"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d55e33dfa5b69aa-LAX
access-control-allow-origin
*
date
Sun, 20 Oct 2024 03:23:10 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
scenegrid.4e67ec28.chunk.js
lp.wicked.com/static/js/
21 KB
8 KB
Script
General
Full URL
https://lp.wicked.com/static/js/scenegrid.4e67ec28.chunk.js
Requested by
Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.a0a12aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
588a2da92adaf57cf7a9d5ae1ce4aa244586bc31f8a48e190f7a725a376b034a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/aff_wicked_parodies?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer=

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"d428600f8e070d585d21f17dc7eff79d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gwW0lPRbvX0lcnmR5%2Ft9aPM5COuC7laNOMJRphC6CzDI2C9%2FrgY66Rt23EL6p0C5E3nkt7EExuPLYeqk%2Fey%2BKV5BWYdR3fOnygFe2XV75f%2F1fyXorROhq8PhPcRuxAQG"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d55e33dfa5f69aa-LAX
access-control-allow-origin
*
date
Sun, 20 Oct 2024 03:23:10 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
features.f6bf1306.chunk.js
lp.wicked.com/static/js/
9 KB
4 KB
Script
General
Full URL
https://lp.wicked.com/static/js/features.f6bf1306.chunk.js
Requested by
Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.a0a12aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
773d6faa03997b9c947bd6e403dd7f46df62d39605201e2f3c73d11fcc39cb20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/aff_wicked_parodies?pr=8&su=1&si=371&ad=212006&cl=%2Faff_wicked_parodies&ar=&buffer=

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"73049203a130246b9d042e5a3ed09aad"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=983iGqp9WoZGvCijMMyJU52u0QKC25avyWPCVmw3%2Fscs99Yh%2Fk2H511Uc7BGF%2FrawpJXdRP9zhjlPWgex%2FOttWH%2BE%2Fw2fhZyJtGX6YIu6wcQgxrbZI4AdKa101dg5OSs"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d55e33dfa6269aa-LAX
access-control-allow-origin
*
date
Sun, 20 Oct 2024 03:23:10 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
go.php
www.wicked.com/track/ Frame 1244
0
0
Document
General
Full URL
https://www.wicked.com/track/go.php?si=371&noredirect=true&disableRouting=1&cs=lp&referer_url=https://wickedpassword.com/&ad=212006&gallery_id=lp_f8fff884-4cc9-4301-830e-5b11a2cc5b39&su=1
Requested by
Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.a0a12aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://lp.wicked.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8d55e33e0a8369aa-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 20 Oct 2024 03:23:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="NON NID PSAa PSDa OUR IND NAV"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6%2F94ivtlSE7f4kOzmLYkLz8PyjaZmeQfhVnrB18nkhRFA03HBL5c83UwGzHQWUsnEcsLTh3wOPR32FO1nTEjnd6TTB8oG0p6PK8FWhxnRCS4NxfjjyVTHglsRx1%2F6%2Ft"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
logo.svg
static01-cms-fame.gammacdn.com/wicked/m/ervi2kaiy5cgkko4/
2 KB
2 KB
Image
General
Full URL
https://static01-cms-fame.gammacdn.com/wicked/m/ervi2kaiy5cgkko4/logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-73.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
c158cb3c2439ee43aa13ca0525cae77c9cfc38e3e1f720822f70b69244a4e486

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
etag
W/"5d41c8b6-954"
age
1169393
via
1.1 39947baba82573c8d139cba81c505476.cloudfront.net (CloudFront)
expires
Mon, 06 Oct 2025 14:33:17 GMT
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
7kwHjldIdWT3JQeXxCo_GH5CavsO_JXf_fIc1m98BMgrOGptIJVpsw==
date
Fri, 18 Oct 2024 00:55:31 GMT
content-type
image/svg+xml
last-modified
Wed, 31 Jul 2019 16:58:30 GMT
server
nginx
x-amz-cf-pop
JFK50-P8
vary
Accept-Encoding
sitefooter
www.gammaentertainment.com/legal/
11 KB
8 KB
Fetch
General
Full URL
https://www.gammaentertainment.com/legal/sitefooter?siteurl=Wicked.com&version=epoch
Requested by
Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.a0a12aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.210 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bc452e5aab8a84604bb91e5dab6a46fd4c23ab8a28bff66a165513d2bd10367
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/

Response headers

content-security-policy
frame-ancestors 'self';
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GXXhoIudeLEJlriQXAG3QcDi6CwEPvzo2AnqCKjpGSUjRJZgKNMxoRJxNhsGffwfxH1o9HueEPalAx1pe5cn9ICd6S81FJmbukqKTD7dtPD2ZIUf9dYvh160XVC8UFwWFh6hkPLZ6hJC%2FcFZ"}],"group":"cf-nel","max_age":604800}
cf-ray
8d55e33f19d27ca1-LAX
access-control-allow-origin
*
date
Sun, 20 Oct 2024 03:23:10 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
event
3tt0xhv5u7.execute-api.us-east-1.amazonaws.com/prod/
15 B
412 B
Fetch
General
Full URL
https://3tt0xhv5u7.execute-api.us-east-1.amazonaws.com/prod/event
Requested by
Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.a0a12aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-90.jfk52.r.cloudfront.net
Software
/
Resource Hash
f7d595a699860f394598b720a015537850464e5e469c0783005b3f126f2285b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://lp.wicked.com/

Response headers

x-amz-apigw-id
f7eg2ETOoAMEFlw=
x-amzn-trace-id
Root=1-6714779e-3824f27f6cabc18605cec56c;Parent=16952f76c0cead98;Sampled=0;Lineage=1:48228f50:0
x-amzn-requestid
d217336f-4de3-43f9-843c-87cab38ed275
via
1.1 fa2ecff4e65c01748abe1c8c2a9dfb72.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
15
x-amz-cf-id
HuMscCMeR8YNkGehc_BrSk5dcaOrEc_HRPg1OcnTAsOcjLEBmoCGuw==
date
Sun, 20 Oct 2024 03:23:10 GMT
content-type
application/json
x-amz-cf-pop
JFK52-P3
gtm.js
www.googletagmanager.com/
256 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WPXSS5Z&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: wickedpassword.com
URL: https://wickedpassword.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0f28c3bafd1d9759c5ef0f8e6f634b34b7d2b08059253d3b237dfbd76f90b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 20 Oct 2024 03:23:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 03:23:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 20 Oct 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
91346
x-xss-protection
0
server
Google Tag Manager
favicon-16x16-compressor.png
ctf-images.gammacdn.com/cdyxtpbavd4i/3SveUMUB3fZlE4h1czgPAO/dc8d4649f9dff0b5010319c9ce643ce7/
268 B
626 B
Other
General
Full URL
https://ctf-images.gammacdn.com/cdyxtpbavd4i/3SveUMUB3fZlE4h1czgPAO/dc8d4649f9dff0b5010319c9ce643ce7/favicon-16x16-compressor.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-108.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a76cb8411119185a1d0f5c21f237f824f105df20257f681baec10dd1e9ee786

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/

Response headers

etag
"a10be32fcf68932d87a8b4db3df41cb1"
age
13662431
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
268
x-amz-cf-id
_MqHN6r93pnX86DKBig4AUyUH_bR6aQNLjYCZTHxw3HEjggJxufbSg==
date
Wed, 15 May 2024 00:16:00 GMT
content-type
image/png
last-modified
Wed, 04 Oct 2023 18:54:12 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
queries
tsmkfa364q-dsn.algolia.net/1/indexes/*/
8 KB
2 KB
XHR
General
Full URL
https://tsmkfa364q-dsn.algolia.net/1/indexes/*/queries?x-algolia-agent=Algolia%20for%20JavaScript%20(3.35.1)%3B%20Browser%20(lite)&x-algolia-application-id=TSMKFA364Q&x-algolia-api-key=1b53476a9d2ab94737558dab43d30856
Requested by
Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.a0a12aed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
207.244.73.1 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx /
Resource Hash
c58a2d386cf7e56975a2e772e9f83054dbe696d23f29f5bd977194bd6c8439dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.wicked.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json
content-type
application/x-www-form-urlencoded

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cache-Control
no-store
Timing-Allow-Origin
*
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
X-Alg-PT
1
Accept-Encoding
deflate, gzip
Date
Sun, 20 Oct 2024 03:23:10 GMT
Content-Type
application/json; charset=UTF-8
Content-Disposition
inline; filename=a.txt
Server
nginx
event
3tt0xhv5u7.execute-api.us-east-1.amazonaws.com/prod/
15 B
413 B
Fetch
General
Full URL
https://3tt0xhv5u7.execute-api.us-east-1.amazonaws.com/prod/event
Requested by
Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.a0a12aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-90.jfk52.r.cloudfront.net
Software
/
Resource Hash
f7d595a699860f394598b720a015537850464e5e469c0783005b3f126f2285b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://lp.wicked.com/

Response headers

x-amz-apigw-id
f7eg3GdYoAMEFhA=
x-amzn-trace-id
Root=1-6714779e-7037e9ef76fb35f6551e0cf9;Parent=714de0a17fd080b7;Sampled=0;Lineage=1:48228f50:0
x-amzn-requestid
ec1e0afd-d779-4957-970f-42a252e178ff
via
1.1 fa2ecff4e65c01748abe1c8c2a9dfb72.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
15
x-amz-cf-id
76koVuaL-UzrjRRf-6dmPzK6cgs_Vm2vNSkV8xvRGIgYbfLA7wkgJg==
date
Sun, 20 Oct 2024 03:23:11 GMT
content-type
application/json
x-amz-cf-pop
JFK52-P3
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abb753d08962a217318573caf5495c66ebed43ec6a31d5489099d80355de8895

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd7d498388e512f4ba6efd28f67abe95f0a34df6facd703a38e7c6c210686c13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5951ca947adfbdecde5e3595bab3c72e4a8d0e14e56330a6f2f3e813f2def9ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
951 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72d8821fc811ae72620c4bc26c89edd26a0f8757473d994095dad7f7a1d603fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
96384_15_01.jpg
transform.gammacdn.com/movies/96384/96384_15/previews/2/371/top_1_1920x1080/
0
0

93493_04_01.jpg
transform.gammacdn.com/movies/93493/93493_04/previews/2/427/top_1_1920x1080/
0
0

78756_04_01.jpg
transform.gammacdn.com/movies/78756/78756_04/previews/2/371/top_1_1920x1080/
0
0

85591_02_01.jpg
transform.gammacdn.com/movies/85591/85591_02/previews/2/371/top_1_1920x1080/
0
0

96384_10_01.jpg
transform.gammacdn.com/movies/96384/96384_10/previews/2/371/top_1_1920x1080/
0
0

96384_01_01.jpg
transform.gammacdn.com/movies/96384/96384_01/previews/2/371/top_1_1920x1080/
0
0

93493_02_01.jpg
transform.gammacdn.com/movies/93493/93493_02/previews/2/427/top_1_1920x1080/
0
0

play.svg
ctf-images.gammacdn.com/cdyxtpbavd4i/2JpSF2RDYhMNNgbxGzmhGI/809dc3749eeef6ba0f82147c2adae6b0/
663 B
1012 B
Image
General
Full URL
https://ctf-images.gammacdn.com/cdyxtpbavd4i/2JpSF2RDYhMNNgbxGzmhGI/809dc3749eeef6ba0f82147c2adae6b0/play.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-108.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b5e46501a968752e84c818d712263eb2f33432e19c1dba3fe68a0dad71322a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/

Response headers

etag
"ca673626ac865329a1c7c1637b371548"
age
1959467
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
663
x-amz-cf-id
Qioha46iefZiu69yEAVr2slcDdJHDajEHy9zVusyg4GbqpbUURoKWw==
date
Fri, 27 Sep 2024 11:05:24 GMT
content-type
image/svg+xml
last-modified
Thu, 05 Oct 2023 13:19:46 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
96384_05_01.jpg
transform.gammacdn.com/movies/96384/96384_05/previews/2/371/top_1_1920x1080/
0
0

93493_01_01.jpg
transform.gammacdn.com/movies/93493/93493_01/previews/2/427/top_1_1920x1080/
0
0

wk-162319-so1900a.jpg
ctf-images.gammacdn.com/cdyxtpbavd4i/3mzP9GwF7djuIqEMwDgQki/c056470584ff2ab8edd6ca2198909fb9/
31 KB
0
Image
General
Full URL
https://ctf-images.gammacdn.com/cdyxtpbavd4i/3mzP9GwF7djuIqEMwDgQki/c056470584ff2ab8edd6ca2198909fb9/wk-162319-so1900a.jpg?w=520&fm=webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-108.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/

Response headers

etag
"2db26eb7b36c54a6816156e814e94e59"
age
14311529
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
230111
x-amz-cf-id
tjrn_cC0DDC-Gs74kaGOB2as9aGgpsXjvEzJ1hjiXRG5iuSBOQzwYg==
date
Tue, 07 May 2024 11:57:43 GMT
content-type
image/jpeg
last-modified
Thu, 05 Oct 2023 12:58:49 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
83270_02_01.jpg
transform.gammacdn.com/movies/83270/83270_02/previews/2/371/top_1_1920x1080/
0
0

wk-WK001-so1900a.gif
ctf-images.gammacdn.com/cdyxtpbavd4i/5Hzokod8wM4ojNwF9GkJWI/a6d34b4d545140a6fbbf49709a3b9317/
0
0

85591_04_01.jpg
transform.gammacdn.com/movies/85591/85591_04/previews/2/371/top_1_1920x1080/
0
0

93493_03_01.jpg
transform.gammacdn.com/movies/93493/93493_03/previews/2/427/top_1_1920x1080/
0
0

wk_480x480.png
ctf-images.gammacdn.com/cdyxtpbavd4i/24xppATNydKOJqN9gla2WC/a79a10a9da2a617947ccc61cbf85ad5a/
0
0

83270_01_01.jpg
transform.gammacdn.com/movies/83270/83270_01/previews/2/371/top_1_1920x1080/
0
0

77682_captain_marvel_xxx_an_axel_braun_parody_front_400x625.jpg
ctf-images.gammacdn.com/cdyxtpbavd4i/3SYOCqYA5hECgRAjN0GSF7/1ec73b0fcd2110910b9f70159ddba5b0/
0
0

85591_01_01.jpg
transform.gammacdn.com/movies/85591/85591_01/previews/2/371/top_1_1920x1080/
0
0

78756_05_01.jpg
transform.gammacdn.com/movies/78756/78756_05/previews/2/371/top_1_1920x1080/
0
0

96384_06_01.jpg
transform.gammacdn.com/movies/96384/96384_06/previews/2/371/top_1_1920x1080/
0
0

93493_05_01.jpg
transform.gammacdn.com/movies/93493/93493_05/previews/2/427/top_1_1920x1080/
0
0

85591_03_01.jpg
transform.gammacdn.com/movies/85591/85591_03/previews/2/371/top_1_1920x1080/
0
0

93129_01_01.jpg
transform.gammacdn.com/movies/93129/93129_01/previews/2/371/top_1_1920x1080/
0
0

77345_deadpool_xxx_-_an_axel_braun_parody_front_400x625.jpg
ctf-images.gammacdn.com/cdyxtpbavd4i/7LubzZjBWQlPjxWKEVDLzy/ae62174d0b2ed1a8d848bb47acd7c437/
0
0

235830.mp4
videothumb.gammacdn.com/500x281/
0
0

209503.mp4
videothumb.gammacdn.com/500x281/
0
0

171321.mp4
videothumb.gammacdn.com/500x281/
0
0

209667.mp4
videothumb.gammacdn.com/500x281/
0
0

227977.mp4
videothumb.gammacdn.com/500x281/
0
0

212703.mp4
videothumb.gammacdn.com/500x281/
0
0

209501.mp4
videothumb.gammacdn.com/500x281/
0
0

js
www.googletagmanager.com/gtag/
0
0

analytics.js
www.google-analytics.com/
0
0

dist.js
d3a3ewgd1iewwz.cloudfront.net/promomessages/
0
0

dist.js
d3a3ewgd1iewwz.cloudfront.net/promomessages/
101 KB
0
Script
General
Full URL
https://d3a3ewgd1iewwz.cloudfront.net/promomessages/dist.js
Requested by
Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.a0a12aed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:261f:9400:11:b499:8c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lp.wicked.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=31104000
content-encoding
gzip
etag
W/"a198b55ee96ccd950f11c2ad7971650b"
age
7003851
via
1.1 a410463cf33c032bf74ee26bf94b81b2.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
oS1tw33KtrJ6sVkbUFw15Y9XX_AMAvHHeTkcdkd2_c-pk11cPuxLHg==
date
Wed, 31 Jul 2024 01:52:21 GMT
content-type
text/javascript
last-modified
Tue, 09 Jan 2024 21:46:28 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.cloudflareinsights.com
URL
https://static.cloudflareinsights.com/beacon.min.js
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/96384/96384_15/previews/2/371/top_1_1920x1080/96384_15_01.jpg?width=480&height=270
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/93493/93493_04/previews/2/427/top_1_1920x1080/93493_04_01.jpg?width=480&height=270
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/78756/78756_04/previews/2/371/top_1_1920x1080/78756_04_01.jpg?width=480&height=270
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/85591/85591_02/previews/2/371/top_1_1920x1080/85591_02_01.jpg?width=480&height=270
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/96384/96384_10/previews/2/371/top_1_1920x1080/96384_10_01.jpg?width=480&height=270
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/96384/96384_01/previews/2/371/top_1_1920x1080/96384_01_01.jpg?width=480&height=270
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/93493/93493_02/previews/2/427/top_1_1920x1080/93493_02_01.jpg?width=480&height=270
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/96384/96384_05/previews/2/371/top_1_1920x1080/96384_05_01.jpg?width=520&height=293&enlarge=true&format=webp
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/93493/93493_01/previews/2/427/top_1_1920x1080/93493_01_01.jpg?width=520&height=293&enlarge=true&format=webp
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/83270/83270_02/previews/2/371/top_1_1920x1080/83270_02_01.jpg?width=520&height=293&enlarge=true&format=webp
Domain
ctf-images.gammacdn.com
URL
https://ctf-images.gammacdn.com/cdyxtpbavd4i/5Hzokod8wM4ojNwF9GkJWI/a6d34b4d545140a6fbbf49709a3b9317/wk-WK001-so1900a.gif?w=520&fm=webp
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/85591/85591_04/previews/2/371/top_1_1920x1080/85591_04_01.jpg?width=520&height=293&enlarge=true&format=webp
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/93493/93493_03/previews/2/427/top_1_1920x1080/93493_03_01.jpg?width=520&height=293&enlarge=true&format=webp
Domain
ctf-images.gammacdn.com
URL
https://ctf-images.gammacdn.com/cdyxtpbavd4i/24xppATNydKOJqN9gla2WC/a79a10a9da2a617947ccc61cbf85ad5a/wk_480x480.png?w=520&fm=webp
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/83270/83270_01/previews/2/371/top_1_1920x1080/83270_01_01.jpg?width=520&height=293&enlarge=true&format=webp
Domain
ctf-images.gammacdn.com
URL
https://ctf-images.gammacdn.com/cdyxtpbavd4i/3SYOCqYA5hECgRAjN0GSF7/1ec73b0fcd2110910b9f70159ddba5b0/77682_captain_marvel_xxx_an_axel_braun_parody_front_400x625.jpg?w=520&fm=webp
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/85591/85591_01/previews/2/371/top_1_1920x1080/85591_01_01.jpg?width=520&height=293&enlarge=true&format=webp
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/78756/78756_05/previews/2/371/top_1_1920x1080/78756_05_01.jpg?width=520&height=293&enlarge=true&format=webp
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/96384/96384_06/previews/2/371/top_1_1920x1080/96384_06_01.jpg?width=520&height=293&enlarge=true&format=webp
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/93493/93493_05/previews/2/427/top_1_1920x1080/93493_05_01.jpg?width=520&height=293&enlarge=true&format=webp
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/85591/85591_03/previews/2/371/top_1_1920x1080/85591_03_01.jpg?width=520&height=293&enlarge=true&format=webp
Domain
transform.gammacdn.com
URL
https://transform.gammacdn.com/movies/93129/93129_01/previews/2/371/top_1_1920x1080/93129_01_01.jpg?width=520&height=293&enlarge=true&format=webp
Domain
ctf-images.gammacdn.com
URL
https://ctf-images.gammacdn.com/cdyxtpbavd4i/7LubzZjBWQlPjxWKEVDLzy/ae62174d0b2ed1a8d848bb47acd7c437/77345_deadpool_xxx_-_an_axel_braun_parody_front_400x625.jpg?w=520&fm=webp
Domain
videothumb.gammacdn.com
URL
https://videothumb.gammacdn.com/500x281/235830.mp4
Domain
videothumb.gammacdn.com
URL
https://videothumb.gammacdn.com/500x281/209503.mp4
Domain
videothumb.gammacdn.com
URL
https://videothumb.gammacdn.com/500x281/171321.mp4
Domain
videothumb.gammacdn.com
URL
https://videothumb.gammacdn.com/500x281/209667.mp4
Domain
videothumb.gammacdn.com
URL
https://videothumb.gammacdn.com/500x281/227977.mp4
Domain
videothumb.gammacdn.com
URL
https://videothumb.gammacdn.com/500x281/212703.mp4
Domain
videothumb.gammacdn.com
URL
https://videothumb.gammacdn.com/500x281/209501.mp4
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-CBRE1C7EBD&l=dataLayer&cx=c
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
d3a3ewgd1iewwz.cloudfront.net
URL
https://d3a3ewgd1iewwz.cloudfront.net/promomessages/dist.js

Verdicts & Comments

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| __cfQR
boolean| __cfRLUnblockHandlers
object| webpackChunkleadgen_landing_pages
string| __reactRouterVersion
object| __algolia
object| __cfBeacon
object| dataLayer
object| __consolidated_events_handlers__
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga

9 Cookies

Domain/Path Name / Value
.wicked.com/ Name: routing
Value: %7B%22landing%22%3Afalse%2C%22adv_id%22%3A212006%7D
.wicked.com/ Name: COOKIE_ACKNOWLEDGED
Value: dismiss
.wicked.com/ Name: landingpage
Value: lp.aff_wicked_parodies
.wicked.com/ Name: s_info
Value: a%253A17%253A%257Bs%253A6%253A%2522adv_id%2522%253Bi%253A212006%253Bs%253A8%253A%2522campaign%2522%253Bs%253A0%253A%2522%2522%253Bs%253A12%253A%2522country_code%2522%253Bs%253A2%253A%2522US%2522%253Bs%253A6%253A%2522origin%2522%253Bs%253A5%253A%2522promo%2522%253Bs%253A10%253A%2522program_id%2522%253Bi%253A8%253Bs%253A11%253A%2522referer_url%2522%253Bs%253A27%253A%2522https%253A%252F%252Fwickedpassword.com%252F%2522%253Bs%253A13%253A%2522subprogram_id%2522%253Bi%253A1%253Bs%253A7%253A%2522site_id%2522%253Bi%253A371%253Bs%253A10%253A%2522gallery_id%2522%253Bs%253A39%253A%2522lp_f8fff884-4cc9-4301-830e-5b11a2cc5b39%2522%253Bs%253A10%253A%2522user_agent%2522%253Bs%253A101%253A%2522Mozilla%252F5.0%2520%2528X11%253B%2520Linux%2520x86_64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F129.0.0.0%2520Safari%252F537.36%2522%253Bs%253A7%253A%2522section%2522%253Bs%253A2%253A%2522lp%2522%253Bs%253A12%253A%2522adv_category%2522%253Bs%253A13%253A%2522external%2520tube%2522%253Bs%253A4%253A%2522type%2522%253BN%253Bs%253A7%253A%2522skin_id%2522%253Bi%253A0%253Bs%253A5%253A%2522pg_id%2522%253Bs%253A88%253A%2522V7oCKcRBLNYcKGjNrzA27XgvUK0EfZ5Xf%252FYKn%252FjpBe0pDUJByrK50TI7buZVZrxQW5WWzkYmeqg9oiciL1GejQ%253D%253D%2522%253Bs%253A2%253A%2522cp%2522%253Bi%253A595%253Bs%253A9%253A%2522timestamp%2522%253Bi%253A1729394590%253B%257D
.wicked.com/ Name: psale
Value: a%253A17%253A%257Bs%253A6%253A%2522adv_id%2522%253Bi%253A212006%253Bs%253A8%253A%2522campaign%2522%253Bs%253A0%253A%2522%2522%253Bs%253A12%253A%2522country_code%2522%253Bs%253A2%253A%2522US%2522%253Bs%253A6%253A%2522origin%2522%253Bs%253A5%253A%2522promo%2522%253Bs%253A10%253A%2522program_id%2522%253Bi%253A8%253Bs%253A11%253A%2522referer_url%2522%253Bs%253A27%253A%2522https%253A%252F%252Fwickedpassword.com%252F%2522%253Bs%253A13%253A%2522subprogram_id%2522%253Bi%253A1%253Bs%253A7%253A%2522site_id%2522%253Bi%253A371%253Bs%253A10%253A%2522gallery_id%2522%253Bs%253A39%253A%2522lp_f8fff884-4cc9-4301-830e-5b11a2cc5b39%2522%253Bs%253A10%253A%2522user_agent%2522%253Bs%253A101%253A%2522Mozilla%252F5.0%2520%2528X11%253B%2520Linux%2520x86_64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F129.0.0.0%2520Safari%252F537.36%2522%253Bs%253A7%253A%2522section%2522%253Bs%253A2%253A%2522lp%2522%253Bs%253A12%253A%2522adv_category%2522%253Bs%253A13%253A%2522external%2520tube%2522%253Bs%253A4%253A%2522type%2522%253BN%253Bs%253A7%253A%2522skin_id%2522%253Bi%253A0%253Bs%253A5%253A%2522pg_id%2522%253Bs%253A88%253A%2522V7oCKcRBLNYcKGjNrzA27XgvUK0EfZ5Xf%252FYKn%252FjpBe0pDUJByrK50TI7buZVZrxQW5WWzkYmeqg9oiciL1GejQ%253D%253D%2522%253Bs%253A2%253A%2522cp%2522%253Bi%253A595%253Bs%253A9%253A%2522timestamp%2522%253Bi%253A1729394590%253B%257D
.wicked.com/ Name: ssale
Value: a%253A17%253A%257Bs%253A6%253A%2522adv_id%2522%253Bi%253A212006%253Bs%253A8%253A%2522campaign%2522%253Bs%253A0%253A%2522%2522%253Bs%253A12%253A%2522country_code%2522%253Bs%253A2%253A%2522US%2522%253Bs%253A6%253A%2522origin%2522%253Bs%253A5%253A%2522promo%2522%253Bs%253A10%253A%2522program_id%2522%253Bi%253A8%253Bs%253A11%253A%2522referer_url%2522%253Bs%253A27%253A%2522https%253A%252F%252Fwickedpassword.com%252F%2522%253Bs%253A13%253A%2522subprogram_id%2522%253Bi%253A1%253Bs%253A7%253A%2522site_id%2522%253Bi%253A371%253Bs%253A10%253A%2522gallery_id%2522%253Bs%253A39%253A%2522lp_f8fff884-4cc9-4301-830e-5b11a2cc5b39%2522%253Bs%253A10%253A%2522user_agent%2522%253Bs%253A101%253A%2522Mozilla%252F5.0%2520%2528X11%253B%2520Linux%2520x86_64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F129.0.0.0%2520Safari%252F537.36%2522%253Bs%253A7%253A%2522section%2522%253Bs%253A2%253A%2522lp%2522%253Bs%253A12%253A%2522adv_category%2522%253Bs%253A13%253A%2522external%2520tube%2522%253Bs%253A4%253A%2522type%2522%253BN%253Bs%253A7%253A%2522skin_id%2522%253Bi%253A0%253Bs%253A5%253A%2522pg_id%2522%253Bs%253A88%253A%2522V7oCKcRBLNYcKGjNrzA27XgvUK0EfZ5Xf%252FYKn%252FjpBe0pDUJByrK50TI7buZVZrxQW5WWzkYmeqg9oiciL1GejQ%253D%253D%2522%253Bs%253A2%253A%2522cp%2522%253Bi%253A595%253Bs%253A9%253A%2522timestamp%2522%253Bi%253A1729394590%253B%257D
.wicked.com/ Name: site_371
Value: 1
.wicked.com/ Name: origin
Value: promo
.wicked.com/ Name: timestamp
Value: 1729394590

2 Console Messages

Source Level URL
Text
network error URL: https://wickedpassword.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()
network error
Message: The script has an unsupported MIME type ('text/html').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
