lp.wicked.com Open in urlscan Pro
104.26.6.229 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wicked22.com/
Effective URL:
https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer=
Submission Tags: phishingrod
Submission: On August 04 via api (August 4th 2024, 1:49:59 am UTC) from DE — Scanned from US

Summary HTTP 82 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 13 domains to perform 82 HTTP transactions. The main IP is 104.26.6.229, located in and belongs to CLOUDFLARENET, US. The main domain is lp.wicked.com.
TLS certificate: Issued by WE1 on July 6th 2024. Valid for: 3 months.

This is the only time lp.wicked.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	63.250.32.136 63.250.32.136	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 1	104.26.8.108 104.26.8.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	104.26.6.229 104.26.6.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	207.244.73.1 207.244.73.1	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	13.35.93.110 13.35.93.110	16509 (AMAZON-02) (AMAZON-02)
1	104.26.7.210 104.26.7.210	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.238.49.50 18.238.49.50	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c17::61	15169 (GOOGLE) (GOOGLE)
11	18.238.49.23 18.238.49.23	16509 (AMAZON-02) (AMAZON-02)
1	108.59.0.18 108.59.0.18	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	2607:f8b0:400... 2607:f8b0:4004:c06::8b	15169 (GOOGLE) (GOOGLE)
36	18.238.55.108 18.238.55.108	16509 (AMAZON-02) (AMAZON-02)
3	18.164.116.112 18.164.116.112	16509 (AMAZON-02) (AMAZON-02)
2	99.84.160.49 99.84.160.49	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:261... 2600:9000:261f:1e00:11:b499:8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.253.63.102 172.253.63.102	() ()
82	17

1 63.250.32.136 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server1.babe4k.com

wicked22.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.8.108 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.iyalc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.26.6.229 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.wicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lp.wicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.244.73.1 (New Castle, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

wp8q3hdhdz-dsn.algolia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.93.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-110.jfk50.r.cloudfront.net

static01-cms-fame.gammacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.7.210 (None, )

ASN13335 (CLOUDFLARENET, US)

www.gammaentertainment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.49.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-50.jfk52.r.cloudfront.net

3tt0xhv5u7.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.238.49.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-23.jfk52.r.cloudfront.net

ctf-images.gammacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.59.0.18 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)

tsmkfa364q-dsn.algolia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::8b (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 18.238.55.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-108.jfk52.r.cloudfront.net

transform.gammacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.164.116.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-112.jfk50.r.cloudfront.net

videothumb.gammacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.160.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-160-49.ord52.r.cloudfront.net

ctf-videos.gammacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:261f:1e00:11:b499:8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3a3ewgd1iewwz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.102 (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	gammacdn.com static01-cms-fame.gammacdn.com — Cisco Umbrella Rank: 252651 ctf-images.gammacdn.com — Cisco Umbrella Rank: 444702 transform.gammacdn.com — Cisco Umbrella Rank: 240252 videothumb.gammacdn.com — Cisco Umbrella Rank: 317910 ctf-videos.gammacdn.com — Cisco Umbrella Rank: 836413	15 MB
10	wicked.com 1 redirects www.wicked.com lp.wicked.com	164 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
3	algolia.net wp8q3hdhdz-dsn.algolia.net — Cisco Umbrella Rank: 252000 tsmkfa364q-dsn.algolia.net — Cisco Umbrella Rank: 265018	7 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223 Failed cloudflareinsights.com — Cisco Umbrella Rank: 1204	7 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	189 KB
2	amazonaws.com 3tt0xhv5u7.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 440801	826 B
1	cloudfront.net d3a3ewgd1iewwz.cloudfront.net	38 KB
1	gammaentertainment.com www.gammaentertainment.com — Cisco Umbrella Rank: 241590	8 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	893 B
1	iyalc.com 1 redirects www.iyalc.com	535 B
1	wicked22.com 1 redirects wicked22.com	615 B
0	contentful.com Failed app.contentful.com Failed
82	13

	Domain	Requested by
36	transform.gammacdn.com	lp.wicked.com
11	ctf-images.gammacdn.com
8	lp.wicked.com	lp.wicked.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	videothumb.gammacdn.com
2	ctf-videos.gammacdn.com
2	www.googletagmanager.com	lp.wicked.com www.googletagmanager.com
2	3tt0xhv5u7.execute-api.us-east-1.amazonaws.com	lp.wicked.com
2	cloudflareinsights.com	static.cloudflareinsights.com
2	wp8q3hdhdz-dsn.algolia.net	lp.wicked.com d3a3ewgd1iewwz.cloudfront.net
2	www.wicked.com	1 redirects lp.wicked.com
1	d3a3ewgd1iewwz.cloudfront.net	lp.wicked.com
1	tsmkfa364q-dsn.algolia.net	lp.wicked.com
1	www.gammaentertainment.com	lp.wicked.com
1	static01-cms-fame.gammacdn.com
1	static.cloudflareinsights.com	lp.wicked.com
1	fonts.googleapis.com	lp.wicked.com
1	www.iyalc.com	1 redirects
1	wicked22.com	1 redirects
0	app.contentful.com Failed	lp.wicked.com
82	20

This site contains links to these domains. Also see Links.

Domain
www.wicked.com
epoch.com
cs.segpay.com
form.jotform.com
www.asacp.org
www.rtalabel.org

Subject Issuer	Validity	Valid
wicked.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
algolia.net Sectigo RSA Organization Validation Secure Server CA	`2024-01-04` - `2025-02-02`	a year	crt.sh
*.gammacdn.com Amazon RSA 2048 M03	`2024-06-16` - `2025-07-14`	a year	crt.sh
gammaentertainment.com WE1	`2024-07-07` - `2024-10-05`	3 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon RSA 2048 M02	`2024-06-16` - `2025-07-14`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
transform.gammacdn.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-12`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer=
Frame ID: FC0B564C8A3FC4E1228A8A39F268790D
Requests: 84 HTTP requests in this frame

Frame: https://www.wicked.com/track/go.php?si=371&noredirect=true&disableRouting=1&cs=lp&referer_url=&ad=212539&campaign=391217&gallery_id=lp_dff91f7d-2563-4983-a921-e313f4d7f750&su=1
Frame ID: 44296AD87FC958DEB818606B78A595AC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wicked Comix | Wicked Fairy Tales

Page URL History Show full URLs

https://wicked22.com/ HTTP 301
https://www.iyalc.com/wicked/go.php?pr=8&su=1&si=371&ad=212539&cs=lp&cl=/parodies&ar=&campaign=391... HTTP 301
https://www.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cs=lp&cl=/parodies&ar=&campaign=3912... HTTP 301
https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&b... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

82
Requests

96 %
HTTPS

28 %
IPv6

13
Domains

20
Subdomains

17
IPs

2
Countries

15854 kB
Transfer

16669 kB
Size

13
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wicked.com/en/login
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://epoch.com/
Title: Epoch.com

Search URL Search Domain Scan URL

URL: https://cs.segpay.com/
Title: SEGPAYEU.com

Search URL Search Domain Scan URL

URL: https://form.jotform.com/contentinquiries/report-content-violations
Title: Content Removal

Search URL Search Domain Scan URL

URL: https://www.asacp.org/?content=validate&ql=mar50291

Search URL Search Domain Scan URL

URL: https://www.rtalabel.org/?content=validate&ql=mar50291&rating=RTA-5042-1996-1400-1577-RTA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wicked22.com/ HTTP 301
https://www.iyalc.com/wicked/go.php?pr=8&su=1&si=371&ad=212539&cs=lp&cl=/parodies&ar=&campaign=391217&buffer= HTTP 301
https://www.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cs=lp&cl=/parodies&ar=&campaign=391217&buffer= HTTP 301
https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

82 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request go.php Show response
lp.wicked.com/track/
Redirect Chain

https://wicked22.com/
https://www.iyalc.com/wicked/go.php?pr=8&su=1&si=371&ad=212539&cs=lp&cl=/parodies&ar=&campaign=391217&buffer=
https://www.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cs=lp&cl=/parodies&ar=&campaign=391217&buffer=
https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer=

1 KB
960 B

230ms
178ms

Document
text/html

104.26.6.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1158e1bfd44a27b80445810a99d2f1716082ff2532f2af1ebac5b2e3cbef7bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8adae4a288dda4d9-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 04 Aug 2024 01:49:49 GMT
link: <wp8q3hdhdz-dsn.algolia.net>; rel="preconnect"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mdXYmtlNYwy%2BDWl2RwZWQP9fm6IpxJWIdJFT%2FupaXq6ldh0XCe8AA%2BjTk%2FgG3ThlWWrD5nkr22o8jvzHUVsYg3sxqrxVetb4%2B4ZN4qfkSoQqMJWL7akaN1OQpwXoQexf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8adae4a0ddfca4d9-MIA
content-type: text/html; charset=UTF-8
date: Sun, 04 Aug 2024 01:49:49 GMT
location: https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l5yJQVDUYk%2BUBxv%2BI2jAO4XVzyxEbTiDBvBdag%2BSZtxBZZQqzNwTqPaHzprNJZB%2BmPplV%2Be7LLH1rW8qc1CDTKuk8VSO%2Boid7CvgSEbW84LbgarSva4qKGK27jnoUqO5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 main.6530ace7.css
lp.wicked.com/static/css/ 2 KB
1 KB 49ms
48ms Stylesheet
text/css 104.26.6.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.wicked.com/static/css/main.6530ace7.css

Requested by

Host: lp.wicked.com
URL: https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c8832bb23cb3e199eb0c226b459947d0702d0de69928a80781bc7015c46311

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:50 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 3264
etag: W/"dd30e2b39a50e578a65848f1f22ab62a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYV9fR8CPF0pfFgrXg4TJc0Np8Mzqku%2BUCT4MWGdlKlHAdrslfysgxhXcQBsCPIq0U78zp5ydeHmOSnjyba9OCFthPQ0YxI1nkIw%2BrUHaazcbtnvenMYjXcXiSZEXwr3"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8adae4a45b62a4d9-MIA

GET
H2 200 rocket-loader.min.js Show response
lp.wicked.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 35ms
35ms Script
application/javascript 104.26.6.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.wicked.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.wicked.com
URL: https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Jul 2024 21:56:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66a9617e-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iz7vuAjqpL4NixhLzquYlwNHfWHY0JVqPbDyn2oMu89l1%2BJHJjOaxMxfiHsn2yQN6rAIEoJeDflW0PI22KaaBsZCmrHNH5SI37wwUAUwHdsVbbI8vt05plZkVM0WXS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8adae4a45b65a4d9-MIA
expires: Tue, 06 Aug 2024 01:49:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
893 B 185ms
69ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Hind:wght@600;700&display=swap

Requested by

Host: lp.wicked.com
URL: https://lp.wicked.com/static/css/main.6530ace7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

450ad4adcaafd4be140ccb5a1bb458ca9335f426ac7a5b3f01d24bdabe3ffa68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Aug 2024 01:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Aug 2024 01:49:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Aug 2024 01:49:50 GMT

GET beacon.min.js
static.cloudflareinsights.com/ 0
0

GET
H2 200 main.963fd1a7.js Show response
lp.wicked.com/static/js/ 452 KB
147 KB 52ms
52ms Script
application/javascript 104.26.6.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.wicked.com/static/js/main.963fd1a7.js

Requested by

Host: lp.wicked.com
URL: https://lp.wicked.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d14576cac1d1587a275ef90cf4e169e7b95d1a9d7e91228e9243b9485227437c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:50 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 3264
etag: W/"61446631bb94e19d2d6be79855beb78d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=epRzmKUCejUVbHRcTXi1F94Qa%2F8eAeHveck30IHZx0C0n%2Bd7URVZp5iDBruXj7bWYjIh2B3cf9x53CWvDC2n72fj%2FH7E%2B603bnG%2F92IichufSjcqY2V55u97qC0lOHcp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8adae4a5dd8ea4d9-MIA

GET
H2 200 favicon.ico
lp.wicked.com/ 1 KB
809 B 115ms
115ms Other
text/html 104.26.6.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.wicked.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a5dc2eb4a24c652650c1b8af550ef2b45bfdba80a52d0241dcc32cb5a78f9f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:50 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Sun, 04 Aug 2024 01:49:50 GMT
cf-cache-status: EXPIRED
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Fy%2BmhgwX6p6xvQQz0fCh5zmHg%2Bg3i%2FRORmzexnWpH%2FZ%2F9cqnUMB%2Fj4lwqIq5WS7x5x%2Ba1pR06pTqatRXGelFj57gp2IxyMtsynGmYrZmfwBI%2FHKDp1qXM4sPUVSEwep"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8adae4a5dda0a4d9-MIA
link: <wp8q3hdhdz-dsn.algolia.net>; rel="preconnect"

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 19 KB
7 KB 103ms
102ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: lp.wicked.com
URL: https://lp.wicked.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:50 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8adae4a6ffa13349-MIA

POST
H/1.1 200
OK queries Show response
wp8q3hdhdz-dsn.algolia.net/1/indexes/*/ 4 KB
2 KB 412ms
150ms XHR
application/json 207.244.73.1
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://wp8q3hdhdz-dsn.algolia.net/1/indexes/*/queries?x-algolia-agent=Algolia%20for%20JavaScript%20(3.35.1)%3B%20Browser%20(lite)&x-algolia-application-id=WP8Q3HDHDZ&x-algolia-api-key=269ee080941929e3829f27dc3a7fd46b

Requested by

Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.963fd1a7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.244.73.1 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

nginx /

Resource Hash

b4aac55a386f7c5781db81466154732f48bc544b155cd735e4378733e5ec10f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

Date: Sun, 04 Aug 2024 01:49:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Accept-Encoding: deflate, gzip
X-Alg-PT: 1
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Disposition: inline; filename=a.txt
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 favicon.ico
lp.wicked.com/ 1 KB
0 0ms
0ms Other
text/html 104.26.6.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.wicked.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a5dc2eb4a24c652650c1b8af550ef2b45bfdba80a52d0241dcc32cb5a78f9f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.wicked.com/parodies?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:50 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Sun, 04 Aug 2024 01:49:50 GMT
cf-cache-status: EXPIRED
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Fy%2BmhgwX6p6xvQQz0fCh5zmHg%2Bg3i%2FRORmzexnWpH%2FZ%2F9cqnUMB%2Fj4lwqIq5WS7x5x%2Ba1pR06pTqatRXGelFj57gp2IxyMtsynGmYrZmfwBI%2FHKDp1qXM4sPUVSEwep"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8adae4a5dda0a4d9-MIA
link: <wp8q3hdhdz-dsn.algolia.net>; rel="preconnect"

POST
H2 204 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
37 B 37ms
35ms XHR
text/plain 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 04 Aug 2024 01:49:50 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://lp.wicked.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8adae4a89a358754-MIA

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 147ms
33ms Preflight
text/plain 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://lp.wicked.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://lp.wicked.com
access-control-max-age: 86400
cf-ray: 8adae4a86a108754-MIA
content-encoding: gzip
content-type: text/plain
date: Sun, 04 Aug 2024 01:49:50 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 scenegrid.becff798.chunk.css
lp.wicked.com/static/css/ 337 B
599 B 58ms
58ms Stylesheet
text/css 104.26.6.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.wicked.com/static/css/scenegrid.becff798.chunk.css

Requested by

Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.963fd1a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7d1560df5054619fb8913015df9c008b66466fd1833624c2b69e27df38381e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.wicked.com/parodies?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:51 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 3264
etag: W/"ba7b48ba036f4f61ab163662461816a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BWwRt7vvKSQK7dhmk6ptiuOG0VOezxd7Yt3oTzshPfP4nko4MscMJdfY40Ri3h6iVKdbruJLtkFuUXghvm6QeZq%2FGXqfrHnAayzGyua3iONimsP1XGq0mfUbaJl8t1O"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8adae4a9cb30a4d9-MIA

GET
H2 200 scenegrid.464bf7eb.chunk.js Show response
lp.wicked.com/static/js/ 21 KB
8 KB 59ms
59ms Script
application/javascript 104.26.6.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.wicked.com/static/js/scenegrid.464bf7eb.chunk.js

Requested by

Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.963fd1a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f5ba4f5a10adbb3965d5cc3c14023764595daca1fd77365ce44c16c16274675

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.wicked.com/parodies?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:51 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 3264
etag: W/"0bdb9b217dd1b86aaf070a89271d4c00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5pHXZv6GRdMZ79FRKHg3rR5O7p1OpDpJiDe1Z%2Bi%2BlChldNkOXsPiO2D7wSuaRgoTOh9%2FklAO5Fe2345Mposlb2b8ZLqB3%2FTGvpUhTTcIwjIVKdVWrSslBO2gj7Fg%2FwQu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8adae4a9cb32a4d9-MIA

GET
H2 200 go.php
www.wicked.com/track/ Frame 4429 0
0 891ms
891ms Document
text/html 104.26.6.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wicked.com/track/go.php?si=371&noredirect=true&disableRouting=1&cs=lp&referer_url=&ad=212539&campaign=391217&gallery_id=lp_dff91f7d-2563-4983-a921-e313f4d7f750&su=1
Requested by: Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.963fd1a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://lp.wicked.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8adae4a9cb44a4d9-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 04 Aug 2024 01:49:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NON NID PSAa PSDa OUR IND NAV"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlbvDC%2FZKFWBsychkHVlwj6LxfqOjKNPTQOG%2FFi%2BKv68pHWbNVYgFJlsXIINrnuQEILpNIy3dd4KdVoHOczILfz5OCNa6riWqx8%2BPw8rnOwEGYLE3PWQmFb5BfYeIZmV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 logo.svg
static01-cms-fame.gammacdn.com/wicked/m/ervi2kaiy5cgkko4/ 2 KB
2 KB 339ms
60ms Image
image/svg+xml 13.35.93.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01-cms-fame.gammacdn.com/wicked/m/ervi2kaiy5cgkko4/logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-110.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: c158cb3c2439ee43aa13ca0525cae77c9cfc38e3e1f720822f70b69244a4e486

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 00:55:26 GMT
content-encoding: gzip
via: 1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jul 2019 16:58:30 GMT
server: nginx
x-amz-cf-pop: JFK50-P8
age: 25059265
etag: W/"5d41c8b6-954"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: Ia_CY3fcpsTT0WfWibYHiZYy-cLiFOILUFCRMyoWxCpO52B1UOhAOA==
expires: Fri, 18 Oct 2024 00:55:26 GMT

GET
H2 200 sitefooter Show response
www.gammaentertainment.com/legal/ 11 KB
8 KB 253ms
141ms Fetch
text/html 104.26.7.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gammaentertainment.com/legal/sitefooter?siteurl=Wicked.com&version=epoch

Requested by

Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.963fd1a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.210 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bc452e5aab8a84604bb91e5dab6a46fd4c23ab8a28bff66a165513d2bd10367

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:51 GMT
content-security-policy: frame-ancestors 'self';
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gAe%2BtD8sDNMJinmPxw16Xu3Dx5Bh43ncNqrKOZ%2FL30ZryYAaRkNdPx3%2BsqunuCe2bDv%2BdY6srzJ1bmgWBDpCy0SOiff1nA%2FfW2Ux4TztkNMTcMoC6uPeXQUs4%2BNCuL5nidfJFDVWLgi6AT%2Fc"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-ray: 8adae4aa8ffe31e6-MIA

POST
H2 200 event Show response
3tt0xhv5u7.execute-api.us-east-1.amazonaws.com/prod/ 15 B
415 B 408ms
234ms Fetch
application/json 18.238.49.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3tt0xhv5u7.execute-api.us-east-1.amazonaws.com/prod/event
Requested by: Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.963fd1a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-50.jfk52.r.cloudfront.net
Software: /
Resource Hash: f7d595a699860f394598b720a015537850464e5e469c0783005b3f126f2285b8

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Aug 2024 01:49:51 GMT
via: 1.1 e3d2c542026df7b9357e3b591c889f64.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P3
x-amzn-trace-id: Root=1-66aede3f-5e24c725759df4595df04559;Parent=77b9399f4dea3705;Sampled=0;lineage=48228f50:0
x-amzn-requestid: 3e6f6631-fd04-4c70-9ed6-ec292bcc2340
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: b9ep7E4MoAMEntw=
content-length: 15
x-amz-cf-id: cuyJ2gkuE0PZBRETb_MgEJnsTPVcJh2CB7NZZ6phYbokO1QmXKI-bg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 249 KB
87 KB 191ms
77ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPXSS5Z&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: lp.wicked.com
URL: https://lp.wicked.com/track/go.php?pr=8&su=1&si=371&ad=212539&cl=%2Fparodies&ar=&campaign=391217&buffer=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

472e36b2f7f97da0e5442026ffc913fc97206395e1d7bd7563b1a202170037f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88379
x-xss-protection: 0
last-modified: Sun, 04 Aug 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 04 Aug 2024 01:49:51 GMT

GET
H2 200 favicon-16x16-compressor.png
ctf-images.gammacdn.com/cdyxtpbavd4i/3SveUMUB3fZlE4h1czgPAO/dc8d4649f9dff0b5010319c9ce643ce7/ 268 B
623 B 337ms
60ms Other
image/png 18.238.49.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ctf-images.gammacdn.com/cdyxtpbavd4i/3SveUMUB3fZlE4h1czgPAO/dc8d4649f9dff0b5010319c9ce643ce7/favicon-16x16-compressor.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-23.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a76cb8411119185a1d0f5c21f237f824f105df20257f681baec10dd1e9ee786

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 15 May 2024 00:16:00 GMT
via: 1.1 7cd7ee430e44b1f51cd2016b916ffa92.cloudfront.net (CloudFront)
last-modified: Wed, 04 Oct 2023 18:54:12 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
age: 7004032
etag: "a10be32fcf68932d87a8b4db3df41cb1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 268
x-amz-cf-id: i49gy-xfiO10616wniTfkSeLnh-KoxXQaS8MPmNdCJ2aObJqJ-iQsQ==

POST
H/1.1 200
OK queries Show response
tsmkfa364q-dsn.algolia.net/1/indexes/*/ 14 KB
2 KB 330ms
56ms XHR
application/json 108.59.0.18
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://tsmkfa364q-dsn.algolia.net/1/indexes/*/queries?x-algolia-agent=Algolia%20for%20JavaScript%20(3.35.1)%3B%20Browser%20(lite)&x-algolia-application-id=TSMKFA364Q&x-algolia-api-key=1b53476a9d2ab94737558dab43d30856

Requested by

Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.963fd1a7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

108.59.0.18 , United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

nginx /

Resource Hash

d19a4289180a696dd4ff1e1f0dbcc0904c0b4c01447daca0181f1ebd75f46776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

Date: Sun, 04 Aug 2024 01:49:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Accept-Encoding: deflate, gzip
X-Alg-PT: 1
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Disposition: inline; filename=a.txt
Connection: keep-alive
Timing-Allow-Origin: *

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abb753d08962a217318573caf5495c66ebed43ec6a31d5489099d80355de8895

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd7d498388e512f4ba6efd28f67abe95f0a34df6facd703a38e7c6c210686c13

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5951ca947adfbdecde5e3595bab3c72e4a8d0e14e56330a6f2f3e813f2def9ba

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 951 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72d8821fc811ae72620c4bc26c89edd26a0f8757473d994095dad7f7a1d603fc

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
103 KB 75ms
74ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CBRE1C7EBD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPXSS5Z&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0725f1905f6d6216f5a418e71bfc5e6a75e2e79c1b1d8c18fde682ede9f5fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104919
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Aug 2024 01:49:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 173ms
56ms Script
text/javascript 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPXSS5Z&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Aug 2024 01:07:20 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2551
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 04 Aug 2024 03:07:20 GMT

GET
H2 200 77169_02_01.jpg
transform.gammacdn.com/movies/77169/77169_02/previews/2/371/top_1_960x544/ 29 KB
30 KB 360ms
118ms Image
image/jpeg 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77169/77169_02/previews/2/371/top_1_960x544/77169_02_01.jpg?width=480&height=270
Requested by: Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.963fd1a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1415ef60af9eeb9f137512d07f1fa1342d55c1585dfca2d5cf3bad8e628228c0

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 16:29:54 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Thu, 03 Oct 2019 23:21:52 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 292798
etag: "8b93be8d4c33113b703b20c3645813e5"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 29977
x-amz-cf-id: Wpy1J7amard87ceruzCho5mKjuV3FqvPQvG3AjtIEjCZEJHQR_sJbg==

GET
H2 200 77682_03_01.jpg
transform.gammacdn.com/movies/77682/77682_03/previews/2/371/top_1_1920x1080/ 27 KB
28 KB 416ms
177ms Image
image/jpeg 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77682/77682_03/previews/2/371/top_1_1920x1080/77682_03_01.jpg?width=480&height=270
Requested by: Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.963fd1a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7391e937ada9ce521e18fb2d68981d08c3b441dd658f68fa4867abb1ed947e19

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 22:37:03 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Apr 2020 00:52:24 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 184369
etag: "609db58631e8201b7dcb18ae207b5403"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 27808
x-amz-cf-id: ZXJca6RmjTR4fuu1indKj1w2-ewo1K21uj-JQQAUoxpeLc3DhipFSg==

GET
H2 200 77169_05_01.jpg
transform.gammacdn.com/movies/77169/77169_05/previews/2/371/top_1_960x544/ 28 KB
29 KB 305ms
69ms Image
image/jpeg 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77169/77169_05/previews/2/371/top_1_960x544/77169_05_01.jpg?width=480&height=270
Requested by: Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.963fd1a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f06ed230f6e0cc2ea8ed3bddde802ac1d362fd76da059d3fb5a8177bc58d155d

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 22:37:03 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 13:55:22 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 184369
etag: "71bfe7be0f6a9c9ba8af62dc110ed3e3"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 29113
x-amz-cf-id: wgLMc0UZIxLjboCwaIkPVSLOXinwcfz6vS3vMReStcpWaGid7cKAIg==

GET 3oSI4qghybiu8gRa5RXTDT
app.contentful.com/spaces/cdyxtpbavd4i/assets/ 0
0

GET
H2 200 play.svg
ctf-images.gammacdn.com/cdyxtpbavd4i/2JpSF2RDYhMNNgbxGzmhGI/809dc3749eeef6ba0f82147c2adae6b0/ 663 B
1011 B 59ms
58ms Image
image/svg+xml 18.238.49.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctf-images.gammacdn.com/cdyxtpbavd4i/2JpSF2RDYhMNNgbxGzmhGI/809dc3749eeef6ba0f82147c2adae6b0/play.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-23.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b5e46501a968752e84c818d712263eb2f33432e19c1dba3fe68a0dad71322a4

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 09:32:07 GMT
via: 1.1 7cd7ee430e44b1f51cd2016b916ffa92.cloudfront.net (CloudFront)
last-modified: Thu, 05 Oct 2023 13:19:46 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
age: 145065
etag: "ca673626ac865329a1c7c1637b371548"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 663
x-amz-cf-id: eUkXkDs3brSIiYgdCE_SOgvKE6D4G32ici_abA-LCq5r_Kaw3ePaCg==

GET
H2 200 THE_BATMAN_FOR_GAMMA.jpg
ctf-images.gammacdn.com/cdyxtpbavd4i/5AX5Fbtk7DR0kIuWuFJnOh/f724d97f58093b6db67dfbdeeae443b1/ 269 KB
269 KB 170ms
161ms Image
image/jpeg 18.238.49.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctf-images.gammacdn.com/cdyxtpbavd4i/5AX5Fbtk7DR0kIuWuFJnOh/f724d97f58093b6db67dfbdeeae443b1/THE_BATMAN_FOR_GAMMA.jpg?w=520&fm=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-23.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7cae651a10e51f77ff50337c478cc9c1be979890c45796556aafa09e70766333

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:52 GMT
via: 1.1 7cd7ee430e44b1f51cd2016b916ffa92.cloudfront.net (CloudFront)
last-modified: Wed, 04 Oct 2023 18:39:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
etag: "806b0d2315015aba80e3b57c74170283"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 275009
x-amz-cf-id: m1lZFaWH_DOHK8j5PLsIyF3Z3VZ70ZuvkKyzrvKPcUNDxTq8-aJG5Q==

GET
H2 200 SuperBat.jpg
ctf-images.gammacdn.com/cdyxtpbavd4i/gPgYQ3SMAwkKEPFhD8RA9/ab86cd15dd039cc6df1a46a11c7f2c1a/ 136 KB
137 KB 428ms
419ms Image
image/jpeg 18.238.49.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctf-images.gammacdn.com/cdyxtpbavd4i/gPgYQ3SMAwkKEPFhD8RA9/ab86cd15dd039cc6df1a46a11c7f2c1a/SuperBat.jpg?w=520&fm=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-23.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1457e8edb99d1d3840c8f4e01cebe21e433539fe9d4e21c1a9a44cc64d1d925

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:52 GMT
via: 1.1 7cd7ee430e44b1f51cd2016b916ffa92.cloudfront.net (CloudFront)
last-modified: Thu, 05 Oct 2023 11:55:59 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
etag: "19aec20c4e3a5998e70f93b081732c82"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 139516
x-amz-cf-id: xGyePWGi4IZW8qxpm6egIui5_nrLF6cmJH2GPAYMhc6Ccj5Q3TdFtA==

GET
H2 200 CaptainMarverlWins.jpg
ctf-images.gammacdn.com/cdyxtpbavd4i/2XzgxoJen5C2F7i6VzCIyl/79421541521993c2fe525c34822f35ee/ 141 KB
141 KB 443ms
435ms Image
image/jpeg 18.238.49.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctf-images.gammacdn.com/cdyxtpbavd4i/2XzgxoJen5C2F7i6VzCIyl/79421541521993c2fe525c34822f35ee/CaptainMarverlWins.jpg?w=520&fm=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-23.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ffb9b126c40fecb034bf6a33106ed623a6fb8b1e51370abda2d10f4ced5ddceb

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:52 GMT
via: 1.1 7cd7ee430e44b1f51cd2016b916ffa92.cloudfront.net (CloudFront)
last-modified: Wed, 04 Oct 2023 19:46:50 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
etag: "482b304b82f208c2c689b2e20ba1cd49"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 144238
x-amz-cf-id: PfSdHoipfVJeHWMpmYjAq_kGKMbKTS6j09rA847CQ7WEP2yXQIVlxA==

GET
H2 200 77682_04_01.jpg
transform.gammacdn.com/movies/77682/77682_04/previews/2/371/top_1_1920x1080/ 25 KB
25 KB 213ms
201ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77682/77682_04/previews/2/371/top_1_1920x1080/77682_04_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad43e78cf7181b48c5e4a9d8c35362af6a482e1c10fad8baf5ad8b6a2af4b50e

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Thu, 17 Oct 2019 18:14:47 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "343fb1a0250036919181998b4210e9a7"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 25222
x-amz-cf-id: z-eU8F2eOAgVx06kZQENCpfRNvZlwDecefcDBuM3LLF8UAyghmBDMQ==

GET
H2 200 96384_06_01.jpg
transform.gammacdn.com/movies/96384/96384_06/previews/2/371/top_1_1920x1080/ 35 KB
35 KB 146ms
136ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/96384/96384_06/previews/2/371/top_1_1920x1080/96384_06_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eafb5cdda4695df3f21df2f3c82fbafe9187102eb113533daddd8dc54304d8fb

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 08 Jun 2024 14:57:10 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Tue, 07 May 2024 15:17:24 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 4877562
etag: "8bd1813dd5d298d70cb403352f077e7e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 35780
x-amz-cf-id: AV2zCzQxEkaz86a8xutzARtHsNP6l92JUFkb_bsCiWqclL86PvYEIw==

GET
H2 200 Deadpool.jpg
ctf-images.gammacdn.com/cdyxtpbavd4i/3TJh3r4GWag4PWaGFhBHMU/ec953bf81c126f0c49218c7f2de0cd80/ 198 KB
198 KB 407ms
400ms Image
image/jpeg 18.238.49.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctf-images.gammacdn.com/cdyxtpbavd4i/3TJh3r4GWag4PWaGFhBHMU/ec953bf81c126f0c49218c7f2de0cd80/Deadpool.jpg?w=520&fm=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-23.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d413f447b5881b2ebe124c2c222a68e853fc86bc886cb3f81439ee85a17309ab

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:52 GMT
via: 1.1 7cd7ee430e44b1f51cd2016b916ffa92.cloudfront.net (CloudFront)
last-modified: Thu, 05 Oct 2023 13:13:56 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
etag: "94bee8c0df530663f7291b3883fb3ffd"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 202667
x-amz-cf-id: OBPHOtcH7Qg3uFLDCHpAJJb0NeT6Dg26S2PAmLJO9bdeuycm1cdNmw==

GET
H2 200 93493_05_01.jpg
transform.gammacdn.com/movies/93493/93493_05/previews/2/427/top_1_1920x1080/ 24 KB
25 KB 200ms
190ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/93493/93493_05/previews/2/427/top_1_1920x1080/93493_05_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e175ca98292f6c28e00a0755217bd005b03191ff485d47fb8f3f881abc4a880

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 04:56:40 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Wed, 21 Sep 2022 19:49:39 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 1198392
etag: "08064bf6abef45700dcff735bf3b87d7"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24800
x-amz-cf-id: _FVpvDM9QJUv5WnD41Tpc2hYL629y5Bh2VQqeMd8yJaSFWHCt0OXpg==

GET
H2 200 93493_02_01.jpg
transform.gammacdn.com/movies/93493/93493_02/previews/2/427/top_1_1920x1080/ 15 KB
15 KB 321ms
319ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/93493/93493_02/previews/2/427/top_1_1920x1080/93493_02_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 368b893bc2e33dab924ab6eaa995de5760268593413c975e048ac9fc925bc1da

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Wed, 21 Sep 2022 18:15:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "0c05af703429d032460a6004a057987e"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14926
x-amz-cf-id: fiIue4EmK71pTVcV0_KyvL_W9Cz7wYBNcmoQE52Nzunt5oJ8wpX8BA==

GET
H2 200 96384_01_01.jpg
transform.gammacdn.com/movies/96384/96384_01/previews/2/371/top_1_1920x1080/ 31 KB
31 KB 344ms
342ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/96384/96384_01/previews/2/371/top_1_1920x1080/96384_01_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bca922378a0a3a950bf53bd3755402a9f2912e683dfafcd8db98510886351cb3

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:52 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Tue, 07 May 2024 15:17:24 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
etag: "2cee56e55c321ec020d87771b455e2a6"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 31806
x-amz-cf-id: dHLJ5TNbWXu0Fwr41DVWzAQGarEJTVV3TsRKrsmKlmU_Tgb3YKzRAA==

GET
H2 200 SuicideSquadCover.jpg
ctf-images.gammacdn.com/cdyxtpbavd4i/6Ruo9XiBMgjxOORIDS4S5e/e7a1b6ceb96e651d5b62bedb4f362a3d/ 370 KB
371 KB 231ms
224ms Image
image/jpeg 18.238.49.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctf-images.gammacdn.com/cdyxtpbavd4i/6Ruo9XiBMgjxOORIDS4S5e/e7a1b6ceb96e651d5b62bedb4f362a3d/SuicideSquadCover.jpg?w=520&fm=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-23.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1beb81860e598d950963be00dd8ec833800594569863c1064f9fc7bbdbf914da

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:52 GMT
via: 1.1 7cd7ee430e44b1f51cd2016b916ffa92.cloudfront.net (CloudFront)
last-modified: Wed, 04 Oct 2023 18:28:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
etag: "6b3378ced46293610efb072fe7d15d74"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 379333
x-amz-cf-id: biE9nDCIGv7I5gDGf43B0gbhx8Qo_f1S4sD53KgfOhHrU9nrjt9eyQ==

GET
H2 200 83270_02_01.jpg
transform.gammacdn.com/movies/83270/83270_02/previews/2/371/top_1_1920x1080/ 17 KB
17 KB 241ms
237ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/83270/83270_02/previews/2/371/top_1_1920x1080/83270_02_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d37bbd41e2667892dcf64e846221dc1baa44620e1746c9ab9635661028534ad4

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 12:53:05 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Sat, 10 Sep 2022 09:21:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 1083406
etag: "d5e17aec5ca960cd6478404f5806fbbb"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 17000
x-amz-cf-id: 64oowGHSWvOvuj5NFRvT3r8THVVrRUauRFHz678U-5OuuVHnj84Ydw==

GET
H2 200 77185_04_01.jpg
transform.gammacdn.com/movies/77185/77185_04/previews/2/371/top_1_960x544/ 38 KB
38 KB 334ms
331ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77185/77185_04/previews/2/371/top_1_960x544/77185_04_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e26a6d266a5599ba62e4189bb7fed0136988c7f71fba220595667cfe3a97f2a

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Thu, 26 Sep 2019 18:24:35 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "5711364213b0fbeeaabd21e6c98b7d61"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 38428
x-amz-cf-id: wRujy87J3iorngGbKypyNgcbci0YD-cn41W7ljp7Mx0HnH_XMfgqFA==

GET
H2 200 77185_01_01.jpg
transform.gammacdn.com/movies/77185/77185_01/previews/2/371/top_1_960x544/ 29 KB
29 KB 319ms
317ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77185/77185_01/previews/2/371/top_1_960x544/77185_01_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7c3b5937e23606ed319e3eb27434a701b77fbaa239185517bb1098711c8854a

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Thu, 26 Sep 2019 18:24:29 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "77c76850dc743c74f2363981f59be217"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 29792
x-amz-cf-id: -FzFget2AOBP7kVmduE_nqzpp21RjnA7H_LPm_v5c_ne1Qava6uBew==

GET
H2 200 77174_07_01.jpg
transform.gammacdn.com/movies/77174/77174_07/previews/2/371/top_1_960x544/ 26 KB
27 KB 298ms
293ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77174/77174_07/previews/2/371/top_1_960x544/77174_07_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7fd02ef1396af501b463adaeee427554d9b7fc5d721493fa35860fe8e7ef1f58

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 21:17:34 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "54f4a2faa8970bc26d299a447d9f933d"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 27076
x-amz-cf-id: l_8qM9r7o31-BKlvSSSK0_zbTkm1TVN3d9iapyw_0PS-fCax6iIAcA==

GET
H2 200 77174_04_01.jpg
transform.gammacdn.com/movies/77174/77174_04/previews/2/371/top_1_960x544/ 19 KB
19 KB 331ms
329ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77174/77174_04/previews/2/371/top_1_960x544/77174_04_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e59993030880edb60801a6d7692901047a988e7dc7f2da296b658c924d33644

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 21:17:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "dc16381ea88c5b190bebd742f5433a72"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 19416
x-amz-cf-id: swiPKRoJggE81XNMW1S9HwKXe8Irf8SQqW3nlwNegYWIGyxKthhhZw==

GET
H2 200 BatmanProfile.jpg
ctf-images.gammacdn.com/cdyxtpbavd4i/4mhnb5Cem6APWtKik133jy/d5c33cb52a0116863728ceb4a58b437b/ 74 KB
74 KB 455ms
450ms Image
image/jpeg 18.238.49.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctf-images.gammacdn.com/cdyxtpbavd4i/4mhnb5Cem6APWtKik133jy/d5c33cb52a0116863728ceb4a58b437b/BatmanProfile.jpg?w=520&fm=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-23.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50e648f4ca7b691588f63bd4b38da5655fd909ce22446c87113df42757abf75b

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:52 GMT
via: 1.1 7cd7ee430e44b1f51cd2016b916ffa92.cloudfront.net (CloudFront)
last-modified: Thu, 05 Oct 2023 12:11:09 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
etag: "8783b69e122e4bba52ca9a9b8bf912dc"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 75648
x-amz-cf-id: gazbtP99_dyoFPtBZfe_XdoFO1JgdInoWaI1LP7w90oCrld5wyyOzA==

GET
H2 200 BatmanvSuperman.jpg
ctf-images.gammacdn.com/cdyxtpbavd4i/65uQgPT4rPCzMF4gWUZrsf/40458297e6ba19423e50de2212349b49/ 113 KB
114 KB 454ms
448ms Image
image/jpeg 18.238.49.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctf-images.gammacdn.com/cdyxtpbavd4i/65uQgPT4rPCzMF4gWUZrsf/40458297e6ba19423e50de2212349b49/BatmanvSuperman.jpg?w=520&fm=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-23.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74714984e7f111bc707d09c3ae7a0212c90f595e4c78ebe8e4a949f0ba77026b

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:52 GMT
via: 1.1 7cd7ee430e44b1f51cd2016b916ffa92.cloudfront.net (CloudFront)
last-modified: Thu, 05 Oct 2023 11:51:57 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
etag: "1abf3edfedb89495b34bff3531e44c74"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 116130
x-amz-cf-id: 0vsqZDh11Fusa3haDhzsiBI6mtJgk1llnkZdEixirIpchpJ4xc3YDg==

GET
H2 200 77682_06_01.jpg
transform.gammacdn.com/movies/77682/77682_06/previews/2/371/top_1_1920x1080/ 39 KB
40 KB 283ms
279ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77682/77682_06/previews/2/371/top_1_1920x1080/77682_06_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 378d227524aff5ec0f1273ea69c84dded10b6e08a9d652879fe021132b875026

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Thu, 17 Oct 2019 17:47:58 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "74675110e64a02d7705fb3d7e7004fd0"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 40420
x-amz-cf-id: igGs3i8O08XYRyhkt5eC-Yo_7PVXi-a3lgcOdOvyiFn7IJ45J5KD1w==

GET
H2 200 77682_05_01.jpg
transform.gammacdn.com/movies/77682/77682_05/previews/2/371/top_1_1920x1080/ 29 KB
29 KB 277ms
273ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77682/77682_05/previews/2/371/top_1_1920x1080/77682_05_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf37e14489914980f6d96b0670da56daebc185c14eee5313152ab467840e6d3d

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Thu, 17 Oct 2019 17:47:58 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "83ed6bb37ecea03f9f9a71b86a280c2b"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 29418
x-amz-cf-id: fqYl8wW5pCUGy_6nedjUFgjAh6aXpNvEA8hY8yJios97pgZvESdpLQ==

GET
H2 200 96384_05_01.jpg
transform.gammacdn.com/movies/96384/96384_05/previews/2/371/top_1_1920x1080/ 25 KB
26 KB 239ms
235ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/96384/96384_05/previews/2/371/top_1_1920x1080/96384_05_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bb314899a4161cef0abfcb3c0bac2d735252c04f718025b614568c24cfe04a0

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:22:57 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Tue, 07 May 2024 15:17:24 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 404815
etag: "589c80a7b5d4dafe6757c09198d38aa1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 26060
x-amz-cf-id: 471cPUAmwIl0ct1Nm83XntN06cTzGv2rOSAl95s2r8LSzZGMJSUeow==

GET
H2 200 85591_04_01.jpg
transform.gammacdn.com/movies/85591/85591_04/previews/2/371/top_1_1920x1080/ 44 KB
44 KB 245ms
242ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/85591/85591_04/previews/2/371/top_1_1920x1080/85591_04_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b56d6ef47a2e54cf7c774a80a6fbaf96c28e70e3b6a5b9ba9ec4af0a82e431f

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 20:15:28 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Thu, 26 Jan 2023 07:52:48 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 1229664
etag: "69b6e9c2e5899e727c2e0a137b3f2e7c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 44612
x-amz-cf-id: uBJwbkhzRuwoO7ZsVLW-k7M4S85mERaWC1Y3RbBQZJJTlc2YuY1KWg==

GET
H2 200 93493_04_01.jpg
transform.gammacdn.com/movies/93493/93493_04/previews/2/427/top_1_1920x1080/ 34 KB
34 KB 307ms
303ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/93493/93493_04/previews/2/427/top_1_1920x1080/93493_04_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16d506700fd6b3b9243e8a6c9e12c5f0a1a441eff29071efe339d751a7d0ba41

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Wed, 21 Sep 2022 19:49:39 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "f55464bfc1dcb9eceea25c2f40d40599"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 34566
x-amz-cf-id: Nk0eIWKYNql3T2MPx-PcITwBG4R_gWmcBbiPdBTnJHEtGOJVxKlolA==

GET
H2 200 85591_03_01.jpg
transform.gammacdn.com/movies/85591/85591_03/previews/2/371/top_1_1920x1080/ 22 KB
23 KB 257ms
254ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/85591/85591_03/previews/2/371/top_1_1920x1080/85591_03_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92cd17a32926fe008f0ead875ae4c5bcb613f63c3467f3c4505e198a7cbf0e95

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:22:57 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 14:34:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 404815
etag: "cf4446b50bd4e266475b167773c8e8a7"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 22796
x-amz-cf-id: PWTXigfThcnDHIu0830nztXgNK2TbsHKS7ij_QBuMvbmgOmRRe-xXQ==

GET
H2 200 85591_01_01.jpg
transform.gammacdn.com/movies/85591/85591_01/previews/2/371/top_1_1920x1080/ 19 KB
20 KB 215ms
210ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/85591/85591_01/previews/2/371/top_1_1920x1080/85591_01_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c83dda89e3211ef203666268bbffe76ca6f5e67490e249ff95a249c54cf1911

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 05:04:00 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 14:34:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 1197952
etag: "881a75a884cb999794a96196b6318c52"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19898
x-amz-cf-id: RT4Ans6cfimsdyqvLoA9ncpBrBKyWRlIXD7t9eVKcCfl0kRK1jU50g==

GET
H2 200 83270_01_01.jpg
transform.gammacdn.com/movies/83270/83270_01/previews/2/371/top_1_1920x1080/ 25 KB
25 KB 264ms
261ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/83270/83270_01/previews/2/371/top_1_1920x1080/83270_01_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9125b785e9eb4276302d1c303e9d80c27174f4cd00e098394102fd6c632a107f

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 02:52:26 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Sun, 07 Aug 2022 11:14:24 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 1551446
etag: "386000bdb86ce953444fe13c3258e13c"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 25614
x-amz-cf-id: gqUHpn0Tcepb9LK1_A64DUCIPzlbsbjmgq6S-chtvEdbwFQAS59vmg==

GET
H2 200 77185_03_01.jpg
transform.gammacdn.com/movies/77185/77185_03/previews/2/371/top_1_960x544/ 29 KB
29 KB 342ms
339ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77185/77185_03/previews/2/371/top_1_960x544/77185_03_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2f66742e5d9b5215492d8777f88c0ae51ef919b117e9aaff1ee3688e2cd22b1

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:52 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Fri, 04 Oct 2019 01:10:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
etag: "09496e87023ed5df43b5e036472d49c6"
x-cache: Miss from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 29628
x-amz-cf-id: Q9S3gw0kwXbH_zxPsCHrzkLebVbyRXo43-ITh7PbtO4mTR5Y-m2PPA==

GET
H2 200 77174_09_01.jpg
transform.gammacdn.com/movies/77174/77174_09/previews/2/371/top_1_960x544/ 24 KB
24 KB 336ms
334ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77174/77174_09/previews/2/371/top_1_960x544/77174_09_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df4a4abffa83291202419fbce8c532aa8c2dfb055afa26b283674e18236424ed

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Wed, 25 Sep 2019 11:22:07 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "22a8255f6bb0fdb86c07b453bd01d803"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 24296
x-amz-cf-id: q5-V_sa2PkDoqVdmyfQ_jY8zdWRizfCNJN1xvuimgkCsMT_9Y5WzQw==

GET
H2 200 77174_06_01.jpg
transform.gammacdn.com/movies/77174/77174_06/previews/2/371/top_1_960x544/ 22 KB
23 KB 294ms
291ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77174/77174_06/previews/2/371/top_1_960x544/77174_06_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 295a258a9710399ed2aa494fa5003b1f538379cd017ce9fc999ae2a671242c5b

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 21:17:34 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "c43afc8d06e6c1fba02c21300e72259a"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 22806
x-amz-cf-id: 4qSLvFp57hF62WSSvNVM2sr5mAWPV2JHcADlDeDwrgodlh7RBy46UQ==

GET
H2 200 77174_03_01.jpg
transform.gammacdn.com/movies/77174/77174_03/previews/2/371/top_1_960x544/ 25 KB
26 KB 309ms
307ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77174/77174_03/previews/2/371/top_1_960x544/77174_03_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a8d4163738b65211f9a28d0acc97999edd6512c10346e1e61c4b817c6d22b23

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 21:17:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "704ac01574283ad4f5d0aa22d25dd43d"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 26044
x-amz-cf-id: qHmUiU0dNfMjs0Z1jiDCcG4HbK3ii8RFxCh1Ssvuq5iVv1jFla0AxQ==

GET
H2 200 96384_15_01.jpg
transform.gammacdn.com/movies/96384/96384_15/previews/2/371/top_1_1920x1080/ 29 KB
29 KB 223ms
218ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/96384/96384_15/previews/2/371/top_1_1920x1080/96384_15_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6538dd4322661cedf8b08f8004186da6dabbc17c3fc4a087b58690e8690e4114

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Tue, 07 May 2024 22:18:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "3b531d2cf09a1ba871fdb86d76ac215f"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 29710
x-amz-cf-id: TRQoIKUrN9erlh41-ifFv2SYqK4vU_8yUQYcGf1ryKnE90n33hPK1Q==

GET
H2 200 96384_10_01.jpg
transform.gammacdn.com/movies/96384/96384_10/previews/2/371/top_1_1920x1080/ 30 KB
30 KB 328ms
325ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/96384/96384_10/previews/2/371/top_1_1920x1080/96384_10_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e47c75a3deba9b99970f57c30fbd2ebd68ef5d906cee9f3880c8322c2f45061

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Tue, 07 May 2024 22:18:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "fe7821a6fcdb02499012b4b122590a2c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30402
x-amz-cf-id: Ugsb15PmU2NmX94-Pc2cEk-4Anx-ao-2zGtQPzzG9WU0yyrqk7hXfQ==

GET
H2 200 77229_05_01.jpg
transform.gammacdn.com/movies/77229/77229_05/previews/2/371/top_1_960x544/ 43 KB
44 KB 314ms
311ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77229/77229_05/previews/2/371/top_1_960x544/77229_05_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e027826dd03d3d8d70eac8d816d08e36d1c992ef29d4612ab23b59dbec809647

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Thu, 26 Sep 2019 18:24:24 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "e28c47fea4049d0668a0e5392f42df43"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 44356
x-amz-cf-id: LAKju8XETjZtmqd9Edgit8_m5H4JSx_2iChPv98bXWg9FTCiOP9Gew==

GET
H2 200 CaptainMarvelCover.png
ctf-images.gammacdn.com/cdyxtpbavd4i/MHKPiGvtxvnBJ5BY2cL9n/4f20f920cfee4f8382a2d2f593b3df5c/ 682 KB
683 KB 452ms
449ms Image
image/png 18.238.49.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctf-images.gammacdn.com/cdyxtpbavd4i/MHKPiGvtxvnBJ5BY2cL9n/4f20f920cfee4f8382a2d2f593b3df5c/CaptainMarvelCover.png?w=520&fm=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-23.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23acb734fb46d54b5a034aed7dd4160d9fa19d9fa67280b42d9c3cc28c7ab553

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:52 GMT
via: 1.1 7cd7ee430e44b1f51cd2016b916ffa92.cloudfront.net (CloudFront)
last-modified: Thu, 05 Oct 2023 12:06:08 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
etag: "3e7cbbe2c3fa0f84c80454847a72289e"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 698694
x-amz-cf-id: seVESorDIZUBhv4yCBAYBslqdauPS03abzzxQJyi1OWUlQZTKe5VOA==

GET
H2 200 Axel.jpg
ctf-images.gammacdn.com/cdyxtpbavd4i/5LwA7ReDwGP7lXwNisqL8M/c9f19bf78cffe030565a1181564db3d3/ 249 KB
249 KB 453ms
449ms Image
image/jpeg 18.238.49.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctf-images.gammacdn.com/cdyxtpbavd4i/5LwA7ReDwGP7lXwNisqL8M/c9f19bf78cffe030565a1181564db3d3/Axel.jpg?w=520&fm=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-23.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24290b9a1b496342ec0b9b494cd760e44c916af594783f5e064d7742619fb307

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:52 GMT
via: 1.1 7cd7ee430e44b1f51cd2016b916ffa92.cloudfront.net (CloudFront)
last-modified: Thu, 05 Oct 2023 14:14:46 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
etag: "c4bd931d390c8459b6595d5c3d108a62"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 254735
x-amz-cf-id: difTDyShqSwcH1Pu__8z2EkhJSL9vKymiLlUP2T6TLHyzY8Ebkz9vg==

GET
H2 200 93493_03_01.jpg
transform.gammacdn.com/movies/93493/93493_03/previews/2/427/top_1_1920x1080/ 12 KB
13 KB 302ms
299ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/93493/93493_03/previews/2/427/top_1_1920x1080/93493_03_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2976285fc0c0c8afebfc8a7e1c0c8c717575ded1bf24ad714332b81e4196cef0

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 12:53:06 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Wed, 21 Sep 2022 18:15:29 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 1083406
etag: "717d4112b2d9da0906a7da01d5f8b2aa"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12456
x-amz-cf-id: GpHFe9adoqjR3TLkgpaiOVhYnNYkKrTsjuoemEsQJ5NiyoDg-m47pw==

GET
H2 200 93493_01_01.jpg
transform.gammacdn.com/movies/93493/93493_01/previews/2/427/top_1_1920x1080/ 17 KB
18 KB 300ms
297ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/93493/93493_01/previews/2/427/top_1_1920x1080/93493_01_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa7ab9c714a15a46553a7bf51e64d522b33c5292504c117362423029bf047c19

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 18:35:59 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Wed, 21 Sep 2022 18:15:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 1235633
etag: "b3de21cb104519a3cfea6d968324e256"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 17672
x-amz-cf-id: kI3iESNRE-QcHrKBLY8bm-8llcXlf9fCGROJSaw5fuOB-ccJDJwq3g==

GET
H2 200 85591_02_01.jpg
transform.gammacdn.com/movies/85591/85591_02/previews/2/371/top_1_1920x1080/ 23 KB
24 KB 341ms
337ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/85591/85591_02/previews/2/371/top_1_1920x1080/85591_02_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67550a536a4f3e51dadd62523bd43e5545b2d13f120265978fc9caf63d06dc85

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:52 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 14:34:42 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
etag: "f77e0533946f12b1cb8c86d7e5993779"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 23932
x-amz-cf-id: j39yfyQ4Q0uSL6GQiCC1Kns7mVDnyPjAyH6STS-jxIoX9ZsMelJfVA==

GET
H2 200 93129_01_01.jpg
transform.gammacdn.com/movies/93129/93129_01/previews/2/371/top_1_1920x1080/ 26 KB
26 KB 271ms
268ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/93129/93129_01/previews/2/371/top_1_1920x1080/93129_01_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 79b075f60ff15a8f0543a17c5d8d1e33c546751c781a9a734dea4b024d36cf9d

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 21:12:55 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Wed, 13 Jul 2022 18:06:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 1053416
etag: "b790020a40d237dc87400d4d83f76509"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 26530
x-amz-cf-id: TEdEX08dM03ayka3JN69sd2xifxVnKAl-vB_i3tvrxSVtxMqOMibMw==

GET
H2 200 77185_05_01.jpg
transform.gammacdn.com/movies/77185/77185_05/previews/2/371/top_1_960x544/ 40 KB
41 KB 348ms
345ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77185/77185_05/previews/2/371/top_1_960x544/77185_05_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6d2c782e5ab48de20e8d4559abe0d2a2ed21b2069a8170c905df9ee83c56cab

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:49:52 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 21:17:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
etag: "80767085e79d201b9765216e8316440b"
x-cache: Miss from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 41432
x-amz-cf-id: V6c2wPxzPbGSxoROR6dfOmcU_9YOfzhk9eZLsUqm2rMneYhY7AmNRA==

GET
H2 200 77185_02_01.jpg
transform.gammacdn.com/movies/77185/77185_02/previews/2/371/top_1_960x544/ 34 KB
34 KB 319ms
316ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77185/77185_02/previews/2/371/top_1_960x544/77185_02_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16d1bd041fcc9a110ae5440075e2090d0293aab6d79c0cfcc458be39526cd0b8

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 21:17:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "9167e80abdebea7ff118a648be8ec7fa"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 34632
x-amz-cf-id: lchOrGm0AklEbaOdow8HIng-c67pu5jipytSKE6riGr3_-l7r_M5Qg==

GET
H2 200 77174_08_01.jpg
transform.gammacdn.com/movies/77174/77174_08/previews/2/371/top_1_960x544/ 27 KB
27 KB 291ms
287ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77174/77174_08/previews/2/371/top_1_960x544/77174_08_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 962d3141977604a257db63117977fa506ccfdbfe0752ec9ead19fd5b620ebb83

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Thu, 03 Oct 2019 04:24:49 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "3253f852b3116cb083ad18a7fda47caa"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 27632
x-amz-cf-id: Ijw92IrHO_BF2fNZIix92mqNQRAmOpGzweWR6FJ4LG99K-lr_HMZTw==

GET
H2 200 77174_05_01.jpg
transform.gammacdn.com/movies/77174/77174_05/previews/2/371/top_1_960x544/ 13 KB
13 KB 304ms
300ms Image
image/webp 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transform.gammacdn.com/movies/77174/77174_05/previews/2/371/top_1_960x544/77174_05_01.jpg?width=520&height=293&enlarge=true&format=webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5d7c5f8be3d1c38a985234611af76d1c6e176f7d6bf4b62951c6e3c3cea9f35

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 18:11:19 GMT
content-encoding: base64
via: 1.1 13123a343330dc5aacb74d5b3c4fdf0e.cloudfront.net (CloudFront)
last-modified: Tue, 01 Oct 2019 21:17:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 27513
etag: "0222343c7c579b1b1652c9f278fea39a"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 13202
x-amz-cf-id: mdzmZwkEF_9MZE5IiO8dRvry8n2rbdAbJWRBFuknvMn51bbYeQ5TVw==

GET
H2 206 162173.mp4
videothumb.gammacdn.com/500x281/ 542 KB
543 KB 488ms
243ms Media
video/mp4 18.164.116.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videothumb.gammacdn.com/500x281/162173.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-112.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1cd0a0369b7821a6a2bfd171e71651721b8b6146659ec5b5e274a79e51dca18

Request headers

Referer: https://lp.wicked.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 27 Jul 2024 02:35:07 GMT
via: 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2019 18:33:37 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 688485
etag: "e65e849dc0ae944ff277da67f199795f"
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-555178/555179
accept-ranges: bytes
x-amz-cf-id: ZZBMSpphETjN7EaOIfZLKsGM_vOTRWVvj8burYFxqSb2kYS5U0ooRw==
Content-Length: 555179

GET
H2 206 167556.mp4
videothumb.gammacdn.com/500x281/ 578 KB
579 KB 314ms
71ms Media
video/mp4 18.164.116.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videothumb.gammacdn.com/500x281/167556.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-112.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fec27f6974abd1810ba9889b73b5d48b87a5f69532aa2398f8d8cc570d0a4ae2

Request headers

Referer: https://lp.wicked.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 16 Jul 2024 18:04:18 GMT
via: 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
last-modified: Fri, 18 Oct 2019 07:17:43 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 1583134
etag: "18560f6c83d08980e242fb9e7f7ceb53"
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-591881/591882
accept-ranges: bytes
x-amz-cf-id: 1E0QmZAovGMpIa2MW-nZStmEIcjEUds_9Ru3N9hvj_5ZrhLNw-cUAA==
Content-Length: 591882

GET
H2 206 Deadpool-PixTeller.mp4
ctf-videos.gammacdn.com/cdyxtpbavd4i/3mAFbudv6Lms9QMxK35wzO/df8908a786b60100b2a86844d3e76a65/ 53 KB
53 KB 461ms
81ms Media
video/mp4 99.84.160.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ctf-videos.gammacdn.com/cdyxtpbavd4i/3mAFbudv6Lms9QMxK35wzO/df8908a786b60100b2a86844d3e76a65/Deadpool-PixTeller.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.160.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-160-49.ord52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b842c08c30f4438058acdd0b8a7a69110eee2929a4933403cf6f10d9e61b0c8a

Request headers

Referer: https://lp.wicked.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 31 Jul 2024 07:22:47 GMT
via: 1.1 2614aff6912f836d77ae243b9dbf5dd6.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 18:06:37 GMT
server: AmazonS3
x-amz-cf-pop: ORD52-C2
age: 325626
etag: "6c8cc906d78b08dcf779e6ded67979b7"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-54178/54179
accept-ranges: bytes
x-amz-cf-id: 7jrZcUEoGZGFMfvl3x6WyYkJ52XAVOTS2oXiIXM4ESn5QD9ELFELXg==
Content-Length: 54179

GET
H2 206 162176.mp4
videothumb.gammacdn.com/500x281/ 286 KB
287 KB 431ms
192ms Media
video/mp4 18.164.116.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videothumb.gammacdn.com/500x281/162176.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-112.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93549f077877026ee350d674088dd61065703bd062037bda0b5cf1abfcf519f6

Request headers

Referer: https://lp.wicked.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 20 May 2024 14:18:53 GMT
via: 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2019 18:34:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 6521459
etag: "fd5c7cae15e345da2bf76cb81d8fd5fc"
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-292820/292821
accept-ranges: bytes
x-amz-cf-id: 7-8PrMvaL_4UWCXh4eOOsH2vLZFUqdy4Lu9zbvpeY-ODXTaL6_hL_A==
Content-Length: 292821

GET
H2 206 CaptainAmerica_Thumbsvideo.mp4
ctf-videos.gammacdn.com/cdyxtpbavd4i/2aJTq7615WiAnOPuwjRhJz/9ecc4209eea998055dd41d680990f6bd/ 10 MB
10 MB 523ms
147ms Media
video/mp4 99.84.160.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ctf-videos.gammacdn.com/cdyxtpbavd4i/2aJTq7615WiAnOPuwjRhJz/9ecc4209eea998055dd41d680990f6bd/CaptainAmerica_Thumbsvideo.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.160.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-160-49.ord52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f251957af9589137e306dc2bc906254efa1641a69878e48bd051401982b65e74

Request headers

Referer: https://lp.wicked.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 12 Jun 2024 18:02:49 GMT
via: 1.1 2614aff6912f836d77ae243b9dbf5dd6.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 18:17:15 GMT
server: AmazonS3
x-amz-cf-pop: ORD52-C2
age: 4520824
etag: "bf461e9d19ada3814c3bb45b8fa04681-2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-10970081/10970082
accept-ranges: bytes
x-amz-cf-id: 6EI5DxvSoHt8EPYBWfCaaccviSS54OwnfiCCyz3jzRu_uE21MlAsqg==
Content-Length: 10970082

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 65ms
64ms XHR
text/plain 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1843739962&t=pageview&_s=1&dl=https%3A%2F%2Flp.wicked.com%2Fparodies%3Fpr%3D8%26su%3D1%26si%3D371%26ad%3D212539%26cl%3D%252Fparodies%26ar%3D%26campaign%3D391217%26buffer%3D&ul=en-us&de=UTF-8&dt=Wicked%20Comix%20%7C%20Wicked%20Fairy%20Tales&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1985642796&gjid=1348402583&cid=1941196962.1722736192&tid=UA-19633080-9&_gid=64429180.1722736192&_r=1&_slc=1&gtm=45He47v0n81WPXSS5Zv812567512za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&z=1850110011

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 01:49:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.wicked.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 64ms
63ms Fetch
text/plain 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CBRE1C7EBD&gtm=45je47v0v874743827z8812567512za200zb812567512&_p=1722736191007&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=1941196962.1722736192&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722736191&sct=1&seg=0&dl=https%3A%2F%2Flp.wicked.com%2Fparodies%3Fpr%3D8%26su%3D1%26si%3D371%26ad%3D212539%26cl%3D%252Fparodies%26ar%3D%26campaign%3D391217%26buffer%3D&dt=Wicked%20Comix%20%7C%20Wicked%20Fairy%20Tales&en=page_view&_fv=1&_ss=1&tfd=7961
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBRE1C7EBD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 01:49:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.wicked.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dist.js Show response
d3a3ewgd1iewwz.cloudfront.net/promomessages/ 122 KB
38 KB 287ms
69ms Script
text/javascript 2600:9000:261f:1e00:11:b499:8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3a3ewgd1iewwz.cloudfront.net/promomessages/dist.js
Requested by: Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.963fd1a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:261f:1e00:11:b499:8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88574a5abbcfa357ef028a37a6f63f9f605e2cfc4c921bc2373de45902ea2744

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:52:21 GMT
content-encoding: gzip
via: 1.1 7737ef6f12229d4564d45a2b0c059e2e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 21:46:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
age: 345452
etag: W/"a198b55ee96ccd950f11c2ad7971650b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31104000
x-amz-cf-id: ndu4QArliMtPxXxr1Ccrzok3y_vgx-FWQMxaAVB7mPHTEa8nSlTjDw==

GET 3oSI4qghybiu8gRa5RXTDT
app.contentful.com/spaces/cdyxtpbavd4i/assets/ 0
0

POST
H2 200 event Show response
3tt0xhv5u7.execute-api.us-east-1.amazonaws.com/prod/ 15 B
411 B 198ms
197ms Fetch
application/json 18.238.49.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3tt0xhv5u7.execute-api.us-east-1.amazonaws.com/prod/event
Requested by: Host: lp.wicked.com
URL: https://lp.wicked.com/static/js/main.963fd1a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-50.jfk52.r.cloudfront.net
Software: /
Resource Hash: f7d595a699860f394598b720a015537850464e5e469c0783005b3f126f2285b8

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Aug 2024 01:49:52 GMT
via: 1.1 e3d2c542026df7b9357e3b591c889f64.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P3
x-amzn-trace-id: Root=1-66aede40-39f99d873732cd0a48678f6e;Parent=29c175d672075824;Sampled=0;lineage=48228f50:0
x-amzn-requestid: fbab8c8f-676d-4d03-8f7b-b67df65b9edb
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: b9eqDEvmIAMED_w=
content-length: 15
x-amz-cf-id: e1sQ4yepQ6mlAeDXCebSs1QB8oDDcr9yi9vrsxcwWT1ud_5FA_7S1Q==

POST
H/1.1 200
OK queries Show response
wp8q3hdhdz-dsn.algolia.net/1/indexes/*/ 9 KB
3 KB 56ms
55ms XHR
application/json 207.244.73.1
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://wp8q3hdhdz-dsn.algolia.net/1/indexes/*/queries?x-algolia-agent=Algolia%20for%20JavaScript%20(4.3.0)%3B%20Browser%20(lite)&x-algolia-api-key=cbb1a344b1723e4db15cb9f47be65efc&x-algolia-application-id=WP8Q3HDHDZ

Requested by

Host: d3a3ewgd1iewwz.cloudfront.net
URL: https://d3a3ewgd1iewwz.cloudfront.net/promomessages/dist.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

207.244.73.1 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

nginx /

Resource Hash

e05d399b92f8def8fe637137bb47d3daa94e0b72e9309180b1ce523aa5fa6cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

Date: Sun, 04 Aug 2024 01:49:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Accept-Encoding: deflate, gzip
X-Alg-PT: 1
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Disposition: inline; filename=a.txt
Connection: keep-alive
Timing-Allow-Origin: *

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 62ms
61ms Fetch
text/plain 172.253.63.102

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CBRE1C7EBD&gtm=45je47v0v874743827za200zb812567512&_p=1722736191007&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=1941196962.1722736192&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722736191&sct=1&seg=0&dl=https%3A%2F%2Flp.wicked.com%2Fparodies%3Fpr%3D8%26su%3D1%26si%3D371%26ad%3D212539%26cl%3D%252Fparodies%26ar%3D%26campaign%3D391217%26buffer%3D&dt=Wicked%20Comix%20%7C%20Wicked%20Fairy%20Tales&en=scroll&epn.percent_scrolled=90&_et=11&tfd=12974
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBRE1C7EBD&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.63.102 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://lp.wicked.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 01:49:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.wicked.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Domain: app.contentful.com
URL: https://app.contentful.com/spaces/cdyxtpbavd4i/assets/3oSI4qghybiu8gRa5RXTDT

Domain: app.contentful.com
URL: https://app.contentful.com/spaces/cdyxtpbavd4i/assets/3oSI4qghybiu8gRa5RXTDT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wicked.com/	1969-12-31 23:59:59	Name: routing Value: %7B%22landing%22%3Afalse%2C%22adv_id%22%3A212539%7D
.wicked.com/	1969-12-31 23:59:59	Name: COOKIE_ACKNOWLEDGED Value: dismiss
.wicked.com/	1970-01-20 22:33:42	Name: landingpage Value: lp.parodies
.wicked.com/	1970-01-20 22:33:42	Name: _gid Value: GA1.2.64429180.1722736192
.wicked.com/	1970-01-20 22:32:16	Name: _gat_UA-19633080-9 Value: 1
.wicked.com/	1970-01-21 08:08:16	Name: _ga Value: GA1.1.1941196962.1722736192
.wicked.com/	1970-01-21 08:08:16	Name: _ga_CBRE1C7EBD Value: GS1.1.1722736191.1.0.1722736191.0.0.0
.wicked.com/	1969-12-31 23:59:59	Name: s_info Value: a%253A17%253A%257Bs%253A6%253A%2522adv_id%2522%253Bi%253A212539%253Bs%253A8%253A%2522campaign%2522%253Bs%253A8%253A%2522WICKED22%2522%253Bs%253A12%253A%2522country_code%2522%253Bs%253A2%253A%2522US%2522%253Bs%253A6%253A%2522origin%2522%253Bs%253A5%253A%2522promo%2522%253Bs%253A10%253A%2522program_id%2522%253Bi%253A8%253Bs%253A11%253A%2522referer_url%2522%253Bs%253A22%253A%2522https%253A%252F%252Flp.wicked.com%252F%2522%253Bs%253A13%253A%2522subprogram_id%2522%253Bi%253A1%253Bs%253A7%253A%2522site_id%2522%253Bi%253A371%253Bs%253A10%253A%2522gallery_id%2522%253Bs%253A39%253A%2522lp_dff91f7d-2563-4983-a921-e313f4d7f750%2522%253Bs%253A10%253A%2522user_agent%2522%253Bs%253A101%253A%2522Mozilla%252F5.0%2520%2528X11%253B%2520Linux%2520x86_64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F127.0.0.0%2520Safari%252F537.36%2522%253Bs%253A7%253A%2522section%2522%253Bs%253A2%253A%2522lp%2522%253Bs%253A12%253A%2522adv_category%2522%253Bs%253A13%253A%2522external%2520tube%2522%253Bs%253A4%253A%2522type%2522%253BN%253Bs%253A7%253A%2522skin_id%2522%253Bi%253A0%253Bs%253A5%253A%2522pg_id%2522%253Bs%253A88%253A%2522zbAab38Z9j4abwKdw3%252FVC3PjpH9M11ok2rrXtN6jfFLZo1IoRR9UguEQGp9eoj2bEg4JMWZGQgLzCbqShBnubg%253D%253D%2522%253Bs%253A2%253A%2522cp%2522%253Bi%253A178%253Bs%253A9%253A%2522timestamp%2522%253Bi%253A1722736191%253B%257D
.wicked.com/	1970-01-20 22:39:28	Name: psale Value: a%253A17%253A%257Bs%253A6%253A%2522adv_id%2522%253Bi%253A212539%253Bs%253A8%253A%2522campaign%2522%253Bs%253A8%253A%2522WICKED22%2522%253Bs%253A12%253A%2522country_code%2522%253Bs%253A2%253A%2522US%2522%253Bs%253A6%253A%2522origin%2522%253Bs%253A5%253A%2522promo%2522%253Bs%253A10%253A%2522program_id%2522%253Bi%253A8%253Bs%253A11%253A%2522referer_url%2522%253Bs%253A22%253A%2522https%253A%252F%252Flp.wicked.com%252F%2522%253Bs%253A13%253A%2522subprogram_id%2522%253Bi%253A1%253Bs%253A7%253A%2522site_id%2522%253Bi%253A371%253Bs%253A10%253A%2522gallery_id%2522%253Bs%253A39%253A%2522lp_dff91f7d-2563-4983-a921-e313f4d7f750%2522%253Bs%253A10%253A%2522user_agent%2522%253Bs%253A101%253A%2522Mozilla%252F5.0%2520%2528X11%253B%2520Linux%2520x86_64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F127.0.0.0%2520Safari%252F537.36%2522%253Bs%253A7%253A%2522section%2522%253Bs%253A2%253A%2522lp%2522%253Bs%253A12%253A%2522adv_category%2522%253Bs%253A13%253A%2522external%2520tube%2522%253Bs%253A4%253A%2522type%2522%253BN%253Bs%253A7%253A%2522skin_id%2522%253Bi%253A0%253Bs%253A5%253A%2522pg_id%2522%253Bs%253A88%253A%2522zbAab38Z9j4abwKdw3%252FVC3PjpH9M11ok2rrXtN6jfFLZo1IoRR9UguEQGp9eoj2bEg4JMWZGQgLzCbqShBnubg%253D%253D%2522%253Bs%253A2%253A%2522cp%2522%253Bi%253A178%253Bs%253A9%253A%2522timestamp%2522%253Bi%253A1722736191%253B%257D
.wicked.com/	1969-12-31 23:59:59	Name: ssale Value: a%253A17%253A%257Bs%253A6%253A%2522adv_id%2522%253Bi%253A212539%253Bs%253A8%253A%2522campaign%2522%253Bs%253A8%253A%2522WICKED22%2522%253Bs%253A12%253A%2522country_code%2522%253Bs%253A2%253A%2522US%2522%253Bs%253A6%253A%2522origin%2522%253Bs%253A5%253A%2522promo%2522%253Bs%253A10%253A%2522program_id%2522%253Bi%253A8%253Bs%253A11%253A%2522referer_url%2522%253Bs%253A22%253A%2522https%253A%252F%252Flp.wicked.com%252F%2522%253Bs%253A13%253A%2522subprogram_id%2522%253Bi%253A1%253Bs%253A7%253A%2522site_id%2522%253Bi%253A371%253Bs%253A10%253A%2522gallery_id%2522%253Bs%253A39%253A%2522lp_dff91f7d-2563-4983-a921-e313f4d7f750%2522%253Bs%253A10%253A%2522user_agent%2522%253Bs%253A101%253A%2522Mozilla%252F5.0%2520%2528X11%253B%2520Linux%2520x86_64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F127.0.0.0%2520Safari%252F537.36%2522%253Bs%253A7%253A%2522section%2522%253Bs%253A2%253A%2522lp%2522%253Bs%253A12%253A%2522adv_category%2522%253Bs%253A13%253A%2522external%2520tube%2522%253Bs%253A4%253A%2522type%2522%253BN%253Bs%253A7%253A%2522skin_id%2522%253Bi%253A0%253Bs%253A5%253A%2522pg_id%2522%253Bs%253A88%253A%2522zbAab38Z9j4abwKdw3%252FVC3PjpH9M11ok2rrXtN6jfFLZo1IoRR9UguEQGp9eoj2bEg4JMWZGQgLzCbqShBnubg%253D%253D%2522%253Bs%253A2%253A%2522cp%2522%253Bi%253A178%253Bs%253A9%253A%2522timestamp%2522%253Bi%253A1722736191%253B%257D
.wicked.com/	1970-01-20 22:36:35	Name: site_371 Value: 1
.wicked.com/	1969-12-31 23:59:59	Name: origin Value: promo
.wicked.com/	1969-12-31 23:59:59	Name: timestamp Value: 1722736191

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: The script has an unsupported MIME type ('text/html').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3tt0xhv5u7.execute-api.us-east-1.amazonaws.com
app.contentful.com
cloudflareinsights.com
ctf-images.gammacdn.com
ctf-videos.gammacdn.com
d3a3ewgd1iewwz.cloudfront.net
fonts.googleapis.com
lp.wicked.com
static.cloudflareinsights.com
static01-cms-fame.gammacdn.com
transform.gammacdn.com
tsmkfa364q-dsn.algolia.net
videothumb.gammacdn.com
wicked22.com
wp8q3hdhdz-dsn.algolia.net
www.gammaentertainment.com
www.google-analytics.com
www.googletagmanager.com
www.iyalc.com
www.wicked.com
app.contentful.com
static.cloudflareinsights.com
104.26.6.229
104.26.7.210
104.26.8.108
108.59.0.18
13.35.93.110
172.253.63.102
18.164.116.112
18.238.49.23
18.238.49.50
18.238.55.108
207.244.73.1
2600:9000:261f:1e00:11:b499:8c0:93a1
2606:4700::6810:5049
2607:f8b0:4004:c06::8b
2607:f8b0:4004:c17::61
2607:f8b0:4004:c19::5f
63.250.32.136
99.84.160.49
1415ef60af9eeb9f137512d07f1fa1342d55c1585dfca2d5cf3bad8e628228c0
16d1bd041fcc9a110ae5440075e2090d0293aab6d79c0cfcc458be39526cd0b8
16d506700fd6b3b9243e8a6c9e12c5f0a1a441eff29071efe339d751a7d0ba41
1beb81860e598d950963be00dd8ec833800594569863c1064f9fc7bbdbf914da
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e47c75a3deba9b99970f57c30fbd2ebd68ef5d906cee9f3880c8322c2f45061
23acb734fb46d54b5a034aed7dd4160d9fa19d9fa67280b42d9c3cc28c7ab553
24290b9a1b496342ec0b9b494cd760e44c916af594783f5e064d7742619fb307
295a258a9710399ed2aa494fa5003b1f538379cd017ce9fc999ae2a671242c5b
2976285fc0c0c8afebfc8a7e1c0c8c717575ded1bf24ad714332b81e4196cef0
2a76cb8411119185a1d0f5c21f237f824f105df20257f681baec10dd1e9ee786
2e175ca98292f6c28e00a0755217bd005b03191ff485d47fb8f3f881abc4a880
368b893bc2e33dab924ab6eaa995de5760268593413c975e048ac9fc925bc1da
378d227524aff5ec0f1273ea69c84dded10b6e08a9d652879fe021132b875026
450ad4adcaafd4be140ccb5a1bb458ca9335f426ac7a5b3f01d24bdabe3ffa68
472e36b2f7f97da0e5442026ffc913fc97206395e1d7bd7563b1a202170037f4
4bb314899a4161cef0abfcb3c0bac2d735252c04f718025b614568c24cfe04a0
4f5ba4f5a10adbb3965d5cc3c14023764595daca1fd77365ce44c16c16274675
50e648f4ca7b691588f63bd4b38da5655fd909ce22446c87113df42757abf75b
5951ca947adfbdecde5e3595bab3c72e4a8d0e14e56330a6f2f3e813f2def9ba
5bc452e5aab8a84604bb91e5dab6a46fd4c23ab8a28bff66a165513d2bd10367
6538dd4322661cedf8b08f8004186da6dabbc17c3fc4a087b58690e8690e4114
67550a536a4f3e51dadd62523bd43e5545b2d13f120265978fc9caf63d06dc85
6b56d6ef47a2e54cf7c774a80a6fbaf96c28e70e3b6a5b9ba9ec4af0a82e431f
6b5e46501a968752e84c818d712263eb2f33432e19c1dba3fe68a0dad71322a4
6e59993030880edb60801a6d7692901047a988e7dc7f2da296b658c924d33644
72d8821fc811ae72620c4bc26c89edd26a0f8757473d994095dad7f7a1d603fc
7391e937ada9ce521e18fb2d68981d08c3b441dd658f68fa4867abb1ed947e19
74714984e7f111bc707d09c3ae7a0212c90f595e4c78ebe8e4a949f0ba77026b
79b075f60ff15a8f0543a17c5d8d1e33c546751c781a9a734dea4b024d36cf9d
79c8832bb23cb3e199eb0c226b459947d0702d0de69928a80781bc7015c46311
7cae651a10e51f77ff50337c478cc9c1be979890c45796556aafa09e70766333
7fd02ef1396af501b463adaeee427554d9b7fc5d721493fa35860fe8e7ef1f58
88574a5abbcfa357ef028a37a6f63f9f605e2cfc4c921bc2373de45902ea2744
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a5dc2eb4a24c652650c1b8af550ef2b45bfdba80a52d0241dcc32cb5a78f9f8
8c83dda89e3211ef203666268bbffe76ca6f5e67490e249ff95a249c54cf1911
9125b785e9eb4276302d1c303e9d80c27174f4cd00e098394102fd6c632a107f
92cd17a32926fe008f0ead875ae4c5bcb613f63c3467f3c4505e198a7cbf0e95
93549f077877026ee350d674088dd61065703bd062037bda0b5cf1abfcf519f6
962d3141977604a257db63117977fa506ccfdbfe0752ec9ead19fd5b620ebb83
9a8d4163738b65211f9a28d0acc97999edd6512c10346e1e61c4b817c6d22b23
9e26a6d266a5599ba62e4189bb7fed0136988c7f71fba220595667cfe3a97f2a
aa7ab9c714a15a46553a7bf51e64d522b33c5292504c117362423029bf047c19
abb753d08962a217318573caf5495c66ebed43ec6a31d5489099d80355de8895
ad43e78cf7181b48c5e4a9d8c35362af6a482e1c10fad8baf5ad8b6a2af4b50e
b1cd0a0369b7821a6a2bfd171e71651721b8b6146659ec5b5e274a79e51dca18
b4aac55a386f7c5781db81466154732f48bc544b155cd735e4378733e5ec10f1
b842c08c30f4438058acdd0b8a7a69110eee2929a4933403cf6f10d9e61b0c8a
bca922378a0a3a950bf53bd3755402a9f2912e683dfafcd8db98510886351cb3
c0725f1905f6d6216f5a418e71bfc5e6a75e2e79c1b1d8c18fde682ede9f5fb9
c158cb3c2439ee43aa13ca0525cae77c9cfc38e3e1f720822f70b69244a4e486
c2f66742e5d9b5215492d8777f88c0ae51ef919b117e9aaff1ee3688e2cd22b1
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf37e14489914980f6d96b0670da56daebc185c14eee5313152ab467840e6d3d
d14576cac1d1587a275ef90cf4e169e7b95d1a9d7e91228e9243b9485227437c
d19a4289180a696dd4ff1e1f0dbcc0904c0b4c01447daca0181f1ebd75f46776
d37bbd41e2667892dcf64e846221dc1baa44620e1746c9ab9635661028534ad4
d413f447b5881b2ebe124c2c222a68e853fc86bc886cb3f81439ee85a17309ab
d5d7c5f8be3d1c38a985234611af76d1c6e176f7d6bf4b62951c6e3c3cea9f35
d6d2c782e5ab48de20e8d4559abe0d2a2ed21b2069a8170c905df9ee83c56cab
d7c3b5937e23606ed319e3eb27434a701b77fbaa239185517bb1098711c8854a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df4a4abffa83291202419fbce8c532aa8c2dfb055afa26b283674e18236424ed
e027826dd03d3d8d70eac8d816d08e36d1c992ef29d4612ab23b59dbec809647
e05d399b92f8def8fe637137bb47d3daa94e0b72e9309180b1ce523aa5fa6cd1
e1457e8edb99d1d3840c8f4e01cebe21e433539fe9d4e21c1a9a44cc64d1d925
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d1560df5054619fb8913015df9c008b66466fd1833624c2b69e27df38381e0
eafb5cdda4695df3f21df2f3c82fbafe9187102eb113533daddd8dc54304d8fb
f06ed230f6e0cc2ea8ed3bddde802ac1d362fd76da059d3fb5a8177bc58d155d
f1158e1bfd44a27b80445810a99d2f1716082ff2532f2af1ebac5b2e3cbef7bf
f251957af9589137e306dc2bc906254efa1641a69878e48bd051401982b65e74
f7d595a699860f394598b720a015537850464e5e469c0783005b3f126f2285b8
fd7d498388e512f4ba6efd28f67abe95f0a34df6facd703a38e7c6c210686c13
fec27f6974abd1810ba9889b73b5d48b87a5f69532aa2398f8d8cc570d0a4ae2
ffb9b126c40fecb034bf6a33106ed623a6fb8b1e51370abda2d10f4ced5ddceb

lp.wicked.com Open in urlscan Pro 104.26.6.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

82 Requests

96 %HTTPS

28 %IPv6

13 Domains

20 Subdomains

17 IPs

2 Countries

15854 kBTransfer

16669 kBSize

13 Cookies

6 Outgoing links

Page URL History

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lp.wicked.com Open in urlscan Pro
104.26.6.229 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

96 %
HTTPS

28 %
IPv6

13
Domains

20
Subdomains

17
IPs

2
Countries

15854 kB
Transfer

16669 kB
Size

13
Cookies

82 HTTP transactions
4 data transactions