URL: https://wickedpepe.vip/
Submission Tags: phishingrod
Submission: On June 02 via api from DE — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 52.223.52.2, located in United States and belongs to AMAZON-02, US. The main domain is wickedpepe.vip.
TLS certificate: Issued by R3 on June 1st 2024. Valid for: 3 months.
This is the only time wickedpepe.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.223.52.2 16509 (AMAZON-02)
12 2600:9000:20a... 16509 (AMAZON-02)
3 18.173.187.68 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 54.230.228.65 16509 (AMAZON-02)
20 6
Apex Domain
Subdomains
Transfer
14 framerusercontent.com
framerusercontent.com — Cisco Umbrella Rank: 48904
461 KB
3 framer.com
events.framer.com — Cisco Umbrella Rank: 57202
6 KB
2 gstatic.com
fonts.gstatic.com
94 KB
1 wickedpepe.vip
wickedpepe.vip
12 KB
20 4
Domain Requested by
14 framerusercontent.com wickedpepe.vip
framerusercontent.com
3 events.framer.com wickedpepe.vip
events.framer.com
2 fonts.gstatic.com wickedpepe.vip
1 wickedpepe.vip
20 4

This site contains links to these domains. Also see Links.

Domain
t.me
x.com
www.dextools.io
dexscreener.com
raydium.io
Subject Issuer Validity Valid
wickedpepe.vip
R3
2024-06-01 -
2024-08-30
3 months crt.sh
framerusercontent.com
Amazon RSA 2048 M02
2023-12-18 -
2025-01-14
a year crt.sh
events.framer.com
Amazon RSA 2048 M03
2024-04-09 -
2025-05-07
a year crt.sh
*.gstatic.com
WR2
2024-05-13 -
2024-08-05
3 months crt.sh

This page contains 1 frames:

Primary Page: https://wickedpepe.vip/
Frame ID: BDF999F72AB4BCB89D6C7BAB11EA0560
Requests: 29 HTTP requests in this frame

Screenshot

Page Title

Wicked

Page Statistics

20
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

6
IPs

2
Countries

573 kB
Transfer

1498 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wickedpepe.vip/
80 KB
12 KB
Document
General
Full URL
https://wickedpepe.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.52.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0b1d980e1f2226c6.awsglobalaccelerator.com
Software
Framer/5595161 /
Resource Hash
2e6536486bfbb58a908c53d2a2acce6a701e00f0574ac81ca5d68bd0c3912146
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
12329
content-type
text/html
date
Sun, 02 Jun 2024 06:35:16 GMT
etag
"d886186c458cce4b5da4b34216f6a02c"
last-modified
Sat, 01 Jun 2024 19:59:18 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server
Framer/5595161
server-timing
region;desc="eu-west-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="5595161"
strict-transport-security
max-age=31536000
vary
Accept-Encoding
chunk-UTMQOBIS.mjs
framerusercontent.com/sites/7DxdBDL3Ku3MJqR259rfWr/
538 KB
159 KB
Script
General
Full URL
https://framerusercontent.com/sites/7DxdBDL3Ku3MJqR259rfWr/chunk-UTMQOBIS.mjs
Requested by
Host: wickedpepe.vip
URL: https://wickedpepe.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:2200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c3d917ae5d48542dd1c66c0bc132de121c6db557527ff6a335ec8b99a9b5a31d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Origin
https://wickedpepe.vip
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 18:00:39 GMT
x-amz-version-id
L65Gb0kvILFULsjJ2NkLlT1i.7smOm.l
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e3d75b6784ddc24c20248c83cdbce544.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
x-amz-server-side-encryption
AES256
age
45278
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="axNIzyh_RXfQmJni_Ni_7UEpKb4zunnqjhzhSjBcwrWq43NXQfLM-g==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=11
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 01 Jun 2024 17:59:07 GMT
server
CloudFront
etag
W/"fce7daebc7b2fac7cf60565389646ec6"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
axNIzyh_RXfQmJni_Ni_7UEpKb4zunnqjhzhSjBcwrWq43NXQfLM-g==
chunk-ENK4YSX5.mjs
framerusercontent.com/sites/7DxdBDL3Ku3MJqR259rfWr/
638 B
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/7DxdBDL3Ku3MJqR259rfWr/chunk-ENK4YSX5.mjs
Requested by
Host: wickedpepe.vip
URL: https://wickedpepe.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:2200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
73fcd5fdc64a278f22249a576182756a53b3036014ef55e590ff3227e6efc223
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Origin
https://wickedpepe.vip
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 18:00:39 GMT
x-amz-version-id
VaLenYlNh4C9a1vxygQtBC5Ri41umM1b
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e3d75b6784ddc24c20248c83cdbce544.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
45278
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="t_CYk-Klwk5HeQYAJ_HL9aj3_ZYWIf81IHyLZ1j6InRet8JuBqCxdw==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=11
alt-svc
h3=":443"; ma=86400
content-length
638
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 01 Jun 2024 17:59:07 GMT
server
CloudFront
etag
"bd2b8db25ff07b9bc881c3723643e6a5"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
t_CYk-Klwk5HeQYAJ_HL9aj3_ZYWIf81IHyLZ1j6InRet8JuBqCxdw==
z6lODiNl8OOBQOiXG0u76VECzQ7rDr32bPZ3eVxg2YQ.R35XQ4DZ.mjs
framerusercontent.com/sites/7DxdBDL3Ku3MJqR259rfWr/
31 KB
8 KB
Script
General
Full URL
https://framerusercontent.com/sites/7DxdBDL3Ku3MJqR259rfWr/z6lODiNl8OOBQOiXG0u76VECzQ7rDr32bPZ3eVxg2YQ.R35XQ4DZ.mjs
Requested by
Host: wickedpepe.vip
URL: https://wickedpepe.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:2200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
bd3d05e0082c9a4320629af6e55d5195bc5bc7457358c7fce2f3919af328585a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Origin
https://wickedpepe.vip
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 21:49:26 GMT
x-amz-version-id
VJKXsG03PuBGPzl9TYFPtDKDX3ISUfXr
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e3d75b6784ddc24c20248c83cdbce544.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
x-amz-server-side-encryption
AES256
age
31551
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="T89Mi43kIzJaMPKVk3N1N2NTOjO_09WbBeyDbIEZrxRh3GXMYYPJpA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=11
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 01 Jun 2024 19:59:18 GMT
server
CloudFront
etag
W/"7035f0b7bbcc059c72f637ad37d259db"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
T89Mi43kIzJaMPKVk3N1N2NTOjO_09WbBeyDbIEZrxRh3GXMYYPJpA==
chunk-EZG4WWHU.mjs
framerusercontent.com/sites/7DxdBDL3Ku3MJqR259rfWr/
918 B
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/7DxdBDL3Ku3MJqR259rfWr/chunk-EZG4WWHU.mjs
Requested by
Host: wickedpepe.vip
URL: https://wickedpepe.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:2200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2f262bbfb92a15b2546a41e9a3185372ab52d0f9d1966eb89788d48777992395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Origin
https://wickedpepe.vip
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 18:00:39 GMT
x-amz-version-id
dfhMqwr33N_Rnq2BsZB1UDTDjEyhuMXf
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e3d75b6784ddc24c20248c83cdbce544.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
45278
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="_y5ZpNNp7DGtAPVwb9dfw1IbRBdwWt2vUrTV6jXVzupayeQePHeidw==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=10
alt-svc
h3=":443"; ma=86400
content-length
918
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 01 Jun 2024 17:59:07 GMT
server
CloudFront
etag
"4c656d3968c43781fa90d03dce53b337"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
_y5ZpNNp7DGtAPVwb9dfw1IbRBdwWt2vUrTV6jXVzupayeQePHeidw==
script
events.framer.com/
16 KB
6 KB
Script
General
Full URL
https://events.framer.com/script
Requested by
Host: wickedpepe.vip
URL: https://wickedpepe.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-68.muc50.r.cloudfront.net
Software
/
Resource Hash
03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 06:35:17 GMT
content-encoding
gzip
via
1.1 0dfb58f1fc97e590bcf6bcf75288d878.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amzn-remapped-content-length
15882
x-amz-cf-pop
MUC50-P4
x-amzn-requestid
b807bd97-12bf-4803-9412-bc18676ce1fa
x-amzn-trace-id
Root=1-665c12a5-4c5271526edff1353394c1c3
x-cache
Miss from cloudfront
content-type
text/javascript
timestamp
Sun, 02 Jun 2024 06:31:30 GMT
x-amz-apigw-id
YufZ3F2SIAMESeA=
content-length
5325
x-amz-cf-id
r7eNTWS5xHZ6X7omg5zg5sPXi_pbpmAiZjJDpnW3sCw0QsKIm8fM0Q==
7dNp4X58GGPdeQPDfugoK2WQg2g.png
framerusercontent.com/images/
14 KB
15 KB
Image
General
Full URL
https://framerusercontent.com/images/7dNp4X58GGPdeQPDfugoK2WQg2g.png
Requested by
Host: wickedpepe.vip
URL: https://wickedpepe.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:2200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4b033ed9130e977b838a441e2c1c69d0e5c90b5de38d343196f5080412e229b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 16:06:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 8a0110b64ead65f0aff7193e350b2c52.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
52146
x-amzn-requestid
111a89a1-49f3-4d83-a0ca-e0b87e21484d
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="dHgO9O93mbaxUevTKrtbuUx9X2CzeyLBvvSLKmnss8ijyIy497P8fg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=11
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"2d1dfb23cbd0ec00420df6de6061cd2d"
x-amzn-trace-id
root=1-665b46f1-5f4cce5746cd5805119626c8;parent=26281a7dcb7d1ea9;sampled=0;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
dHgO9O93mbaxUevTKrtbuUx9X2CzeyLBvvSLKmnss8ijyIy497P8fg==
SPOMCKU4uuU5WiwgDZpOZdZ0A.svg
framerusercontent.com/images/
409 B
1 KB
Image
General
Full URL
https://framerusercontent.com/images/SPOMCKU4uuU5WiwgDZpOZdZ0A.svg
Requested by
Host: wickedpepe.vip
URL: https://wickedpepe.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:2200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ac2d7403c78b77434c0ebbfe61d06c28264b10e465cfc5e5a300e6b01cf93117
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 12:31:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 8a0110b64ead65f0aff7193e350b2c52.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
151421
x-amzn-requestid
9b0fc7b1-b55b-4da9-9d1c-136e9578d57e
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="vsA5ZzX-DvQONwdofPwheo_DipWVClkRh0jcktZxWQ1Nf3kAWOUVAg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"e03a1eddea66094122a9052e6f56350c"
x-amzn-trace-id
root=1-6659c327-1a46da0128b0c544241a32c4;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
vsA5ZzX-DvQONwdofPwheo_DipWVClkRh0jcktZxWQ1Nf3kAWOUVAg==
AgqAA2T8sY5cqpNYTfyfF6uwTtQ.svg
framerusercontent.com/images/
494 B
1 KB
Image
General
Full URL
https://framerusercontent.com/images/AgqAA2T8sY5cqpNYTfyfF6uwTtQ.svg
Requested by
Host: wickedpepe.vip
URL: https://wickedpepe.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:2200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0a12e27ae65356ef0d8217e42ad9aed4166389c29edb540d14baffe5a6e83508
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 19:06:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 8a0110b64ead65f0aff7193e350b2c52.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
300512
x-amzn-requestid
8ab46681-f697-4c29-92e9-e7b9c07cad69
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="t5PVeAglK5JIZyTc66YsW-2skUClhnrA8WW0RVrJF8J47BGhQaXeIA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=12
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"812e5792824879f973c3aa073b03c2e1"
x-amzn-trace-id
root=1-66577cc4-25472ef318ee173979ba91ce;parent=14c62fc990282569;sampled=0;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
t5PVeAglK5JIZyTc66YsW-2skUClhnrA8WW0RVrJF8J47BGhQaXeIA==
5U7N4zZTXJEgIVKew06OgnUrKeg.svg
framerusercontent.com/images/
3 KB
4 KB
Image
General
Full URL
https://framerusercontent.com/images/5U7N4zZTXJEgIVKew06OgnUrKeg.svg?scale-down-to=512
Requested by
Host: wickedpepe.vip
URL: https://wickedpepe.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:2200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d03fe5733a781b4153e721a0d1555a37d93fcfb76804516291ec5e8a46e5f2de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 19:06:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 8a0110b64ead65f0aff7193e350b2c52.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
300512
x-amzn-requestid
bfefa16e-ca35-4c88-8ff7-d5fb9a30475f
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="2PfMexD3cqIZ3CCE7XA0PhIfQLxs9NROMM_IDlV9Xi8Vxa-3vDIgwg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=11
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"3612a150e20f51afa8445b980c3654e9"
x-amzn-trace-id
root=1-66577cc4-1e0bd41f511aa5ee6e0cd951;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
2PfMexD3cqIZ3CCE7XA0PhIfQLxs9NROMM_IDlV9Xi8Vxa-3vDIgwg==
FK5SJHrE3RDLOARfptpGi2YMv0.svg
framerusercontent.com/images/
3 KB
4 KB
Image
General
Full URL
https://framerusercontent.com/images/FK5SJHrE3RDLOARfptpGi2YMv0.svg
Requested by
Host: wickedpepe.vip
URL: https://wickedpepe.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:2200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2165e77b4c9b861ef2d412460f6bef107500209f2db8eb5b8523d77bed65614e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 20:06:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 8a0110b64ead65f0aff7193e350b2c52.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
37704
x-amzn-requestid
d1467934-8403-410a-ade8-1eb861cb32de
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="h_FgFCGhEfhvYo7R3rLuY_M3lhQXcg8tEEeig256jKtXomwhAjPPWA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=10
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"09b2035e14792d3c5cfee1b55e0a4342"
x-amzn-trace-id
root=1-665b7f5c-0ac143c577ff2378218829ca;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
h_FgFCGhEfhvYo7R3rLuY_M3lhQXcg8tEEeig256jKtXomwhAjPPWA==
kTmYyVmTS0VLG32ABdYa0XdpIOE.svg
framerusercontent.com/images/
3 KB
4 KB
Image
General
Full URL
https://framerusercontent.com/images/kTmYyVmTS0VLG32ABdYa0XdpIOE.svg
Requested by
Host: wickedpepe.vip
URL: https://wickedpepe.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:2200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
91e7cee6192842497d3a67901db51b568ffe5d7b6183c31057e514fe96270d12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 13:21:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 8a0110b64ead65f0aff7193e350b2c52.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
321245
x-amzn-requestid
3334f1cd-2f9e-4229-b3af-c5d449340964
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="9l0EBouL4lI4UrmcLluKDDnrSKeonN79pqyb8VkmwmUqLvRTyZBzXw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"ed8d90716adff8900f346393b7103182"
x-amzn-trace-id
root=1-66572bc7-239cc72472169c7b05350afe;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
9l0EBouL4lI4UrmcLluKDDnrSKeonN79pqyb8VkmwmUqLvRTyZBzXw==
default_script0.2SADKQI4.mjs
framerusercontent.com/sites/7DxdBDL3Ku3MJqR259rfWr/
2 KB
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/7DxdBDL3Ku3MJqR259rfWr/default_script0.2SADKQI4.mjs
Requested by
Host: wickedpepe.vip
URL: https://wickedpepe.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:2200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
81b935c0bb894f5082dc350e853e0d0d5bdacc2c847f413d6bdf6fad955b1545
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Origin
https://wickedpepe.vip
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 21:49:26 GMT
x-amz-version-id
wK.CX_czszN0yWIp8VgCbSMN9Yo5ZEtx
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e3d75b6784ddc24c20248c83cdbce544.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
x-amz-server-side-encryption
AES256
age
31551
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="lygDCnLwHz4q4u7X-G5FR1UN2L27gtgKT0jFk_STtJM0oOLL4ocPig==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=13
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 01 Jun 2024 19:59:18 GMT
server
CloudFront
etag
W/"99c6b6402d5f6717729ee08137b33b0b"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
lygDCnLwHz4q4u7X-G5FR1UN2L27gtgKT0jFk_STtJM0oOLL4ocPig==
EYqzma1QwqpG4_BBN7iKXw.woff2
fonts.gstatic.com/s/lacquer/v15/
73 KB
74 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lacquer/v15/EYqzma1QwqpG4_BBN7iKXw.woff2
Requested by
Host: wickedpepe.vip
URL: https://wickedpepe.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73b909cde047802efe47147bc42ca8d341ebe2d12ab2742e02d87716122393ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Origin
https://wickedpepe.vip
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 00:22:11 GMT
x-content-type-options
nosniff
age
108785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75192
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:29:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Jun 2025 00:22:11 GMT
xn75YHgl1nqmANMB-26xC7yuF86JRks.woff2
fonts.gstatic.com/s/palanquindark/v14/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/palanquindark/v14/xn75YHgl1nqmANMB-26xC7yuF86JRks.woff2
Requested by
Host: wickedpepe.vip
URL: https://wickedpepe.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37bb3776ce24d18cccdd5dc96199ad60c22afd1e190452a18e8c4fd2f8679a98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Origin
https://wickedpepe.vip
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 23:22:10 GMT
x-content-type-options
nosniff
age
112386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20084
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:46:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 May 2025 23:22:10 GMT
dotlottie-player-FSGNXSZJ.mjs
framerusercontent.com/sites/7DxdBDL3Ku3MJqR259rfWr/
408 KB
107 KB
Script
General
Full URL
https://framerusercontent.com/sites/7DxdBDL3Ku3MJqR259rfWr/dotlottie-player-FSGNXSZJ.mjs
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/7DxdBDL3Ku3MJqR259rfWr/z6lODiNl8OOBQOiXG0u76VECzQ7rDr32bPZ3eVxg2YQ.R35XQ4DZ.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-65.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
1fe58eda07de7a17bc58d2cfc0218090141afd1d92222f9504f4737282a87cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://framerusercontent.com/sites/7DxdBDL3Ku3MJqR259rfWr/z6lODiNl8OOBQOiXG0u76VECzQ7rDr32bPZ3eVxg2YQ.R35XQ4DZ.mjs
Origin
https://wickedpepe.vip
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 18:00:43 GMT
x-amz-version-id
_g1rLWhVtDsWPkPhzZeBd1zISWVVvB9D
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 c2741d5ee2beeb4c9f22fb24f76708b6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
x-amz-server-side-encryption
AES256
age
45275
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="REC",cdn-rid;desc="gzRjYUeohXUPRh2vHRdILsDtjg5zQoHVVfxgfKB4ZuAVEuHXkK0xWQ==",cdn-downstream-fbl;dur=11
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 01 Jun 2024 17:59:07 GMT
server
CloudFront
etag
W/"2eb1518fda05cbe030894c57e5598504"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
gzRjYUeohXUPRh2vHRdILsDtjg5zQoHVVfxgfKB4ZuAVEuHXkK0xWQ==
49jt8vXbSmWgZPoUtG02c2qk5B4.zip
framerusercontent.com/assets/
152 KB
153 KB
XHR
General
Full URL
https://framerusercontent.com/assets/49jt8vXbSmWgZPoUtG02c2qk5B4.zip
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/7DxdBDL3Ku3MJqR259rfWr/dotlottie-player-FSGNXSZJ.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-65.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
557e1e23350e4bd33ab6878ab7be5e844b55b07fa4b2b47c4b06b7fdbc78cbde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 14:42:53 GMT
x-amz-version-id
dmJdx.j.jYlQla3pUCeWE9GBwz8kJU2N
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 c2741d5ee2beeb4c9f22fb24f76708b6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
834745
x-amz-server-side-encryption
aws:kms
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="Swa4ycO-YcbjjbO-3E9_pnPFtuY00mMBsf9EH8G7_Th6By5WRLvB3A==",cdn-downstream-fbl;dur=3
alt-svc
h3=":443"; ma=86400
content-length
155941
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 18 Apr 2024 09:05:42 GMT
server
CloudFront
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag
"18bff7f3c97f5c026c78697d4afbc610"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Swa4ycO-YcbjjbO-3E9_pnPFtuY00mMBsf9EH8G7_Th6By5WRLvB3A==
anonymous
events.framer.com/
0
0
Preflight
General
Full URL
https://events.framer.com/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-68.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wickedpepe.vip
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sun, 02 Jun 2024 06:35:17 GMT
via
1.1 86df4d22c97ec96360d46cef55fb5f2a.cloudfront.net (CloudFront)
x-amz-apigw-id
YufZ7GXFoAMEXfg=
x-amz-cf-id
f-M7_eRoSEhyjd5PEH6rqqCD9ZGNSXG-Ja6l3S40SvmdB85Ew5Md1A==
x-amz-cf-pop
MUC50-P4
x-amzn-requestid
3ddf0f8f-dec0-4f03-b986-449ad385315d
x-cache
Miss from cloudfront
anonymous
events.framer.com/
0
0
Fetch
General
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-68.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://wickedpepe.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 02 Jun 2024 06:35:18 GMT
via
1.1 86df4d22c97ec96360d46cef55fb5f2a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
x-amzn-trace-id
Root=1-665c12a5-3c6c2409469afcac59e5692b;Parent=3f653952ff0d326a;Sampled=0;lineage=c457ad49:0
x-amzn-requestid
268055ee-99ce-4776-9f60-10ad67cef2ae
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
YufZ-HqIIAMElyg=
content-length
0
x-amz-cf-id
5oFp9piWFxe85bQnoD5iUgAOM0JtdKmmaFZroHKwLJglbZ2YIMG3Ug==
7dNp4X58GGPdeQPDfugoK2WQg2g.png
framerusercontent.com/images/
14 KB
0
Other
General
Full URL
https://framerusercontent.com/images/7dNp4X58GGPdeQPDfugoK2WQg2g.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:2200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4b033ed9130e977b838a441e2c1c69d0e5c90b5de38d343196f5080412e229b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wickedpepe.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 16:06:09 GMT
via
1.1 8a0110b64ead65f0aff7193e350b2c52.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MUC50-P5
age
52146
x-amzn-requestid
111a89a1-49f3-4d83-a0ca-e0b87e21484d
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="dHgO9O93mbaxUevTKrtbuUx9X2CzeyLBvvSLKmnss8ijyIy497P8fg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=11
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"2d1dfb23cbd0ec00420df6de6061cd2d"
x-amzn-trace-id
root=1-665b46f1-5f4cce5746cd5805119626c8;parent=26281a7dcb7d1ea9;sampled=0;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
dHgO9O93mbaxUevTKrtbuUx9X2CzeyLBvvSLKmnss8ijyIy497P8fg==
truncated
/
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36abed08eef90aa7566c73f8fcd153658bebf2df3b488cae8b1c548ffe02cae8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
truncated
/
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6c43473ab37945e825ff10c1aeda505afce0459fa73104b8aa0b93dfa212893

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
truncated
/
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a03cd46c9e3936b5fc72a70b74a302a10418eddf0ba37044da65736c39fe742

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
truncated
/
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bebb7a47a832dd547004f7cbf3bf395d6a4adbd11d35f3aa569812f6db9850b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
truncated
/
15 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
171bca93274d55fa7156524787684be4544619de358be326448e6408e05343b6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
truncated
/
16 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e88d569015cb96296efb1c90998429ffb9c1213f40ea3870eb483e0dacd371ff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
truncated
/
15 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34f5e23fa5026d44d2ead00e290f19c7787e1718ea99fd6c755a34198581a8e6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
truncated
/
15 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9dfdbbd6110ddda60edf16d7e25a69456c330c9ca661951b5d6fe72a4a743d0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
truncated
/
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4804e39d1315957ac02ae40b3cd7c8f652c285d802788bc403acda656a6ad0b7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
truncated
/
12 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
583fe353dbd92d47577efa275302aa8d5885b9f4c48b5cab41c477b25a682341

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| __framer_onRewriteBreakpoints object| animator function| HandoffAppearAnimations undefined| HandoffCancelAllAnimations undefined| __FRAMER_TURN_OFF_REACT_EVENT_HANDLING__ function| __framer_importFromPackage object| process object| __framer_events boolean| HandoffComplete object| reactiveElementVersions object| litHtmlVersions object| litElementVersions function| __send_framer_event

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

events.framer.com
fonts.gstatic.com
framerusercontent.com
wickedpepe.vip
18.173.187.68
2600:9000:20ae:2200:d:ada1:a280:93a1
2a00:1450:4001:810::2003
52.223.52.2
54.230.228.65
03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364
0a12e27ae65356ef0d8217e42ad9aed4166389c29edb540d14baffe5a6e83508
0bebb7a47a832dd547004f7cbf3bf395d6a4adbd11d35f3aa569812f6db9850b
171bca93274d55fa7156524787684be4544619de358be326448e6408e05343b6
1fe58eda07de7a17bc58d2cfc0218090141afd1d92222f9504f4737282a87cff
2165e77b4c9b861ef2d412460f6bef107500209f2db8eb5b8523d77bed65614e
2e6536486bfbb58a908c53d2a2acce6a701e00f0574ac81ca5d68bd0c3912146
2f262bbfb92a15b2546a41e9a3185372ab52d0f9d1966eb89788d48777992395
34f5e23fa5026d44d2ead00e290f19c7787e1718ea99fd6c755a34198581a8e6
36abed08eef90aa7566c73f8fcd153658bebf2df3b488cae8b1c548ffe02cae8
37bb3776ce24d18cccdd5dc96199ad60c22afd1e190452a18e8c4fd2f8679a98
4804e39d1315957ac02ae40b3cd7c8f652c285d802788bc403acda656a6ad0b7
4b033ed9130e977b838a441e2c1c69d0e5c90b5de38d343196f5080412e229b1
557e1e23350e4bd33ab6878ab7be5e844b55b07fa4b2b47c4b06b7fdbc78cbde
583fe353dbd92d47577efa275302aa8d5885b9f4c48b5cab41c477b25a682341
73b909cde047802efe47147bc42ca8d341ebe2d12ab2742e02d87716122393ef
73fcd5fdc64a278f22249a576182756a53b3036014ef55e590ff3227e6efc223
81b935c0bb894f5082dc350e853e0d0d5bdacc2c847f413d6bdf6fad955b1545
8a03cd46c9e3936b5fc72a70b74a302a10418eddf0ba37044da65736c39fe742
91e7cee6192842497d3a67901db51b568ffe5d7b6183c31057e514fe96270d12
ac2d7403c78b77434c0ebbfe61d06c28264b10e465cfc5e5a300e6b01cf93117
bd3d05e0082c9a4320629af6e55d5195bc5bc7457358c7fce2f3919af328585a
c3d917ae5d48542dd1c66c0bc132de121c6db557527ff6a335ec8b99a9b5a31d
c6c43473ab37945e825ff10c1aeda505afce0459fa73104b8aa0b93dfa212893
d03fe5733a781b4153e721a0d1555a37d93fcfb76804516291ec5e8a46e5f2de
e88d569015cb96296efb1c90998429ffb9c1213f40ea3870eb483e0dacd371ff
f9dfdbbd6110ddda60edf16d7e25a69456c330c9ca661951b5d6fe72a4a743d0