wickedletters.com
Open in
urlscan Pro
2a02:4780:27:1614:0:103c:762c:5
Public Scan
Submission Tags: phishingrod
Submission: On July 25 via api from DE — Scanned from GB
Summary
TLS certificate: Issued by WR1 on July 25th 2024. Valid for: 3 months.
This is the only time wickedletters.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 2a02:4780:27:... 2a02:4780:27:1614:0:103c:762c:5 | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
3 | 2400:52e0:1e0... 2400:52e0:1e00::1082:1 | 60068 (CDN77 _) (CDN77 _) | |
2 | 194.164.74.56 194.164.74.56 | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
8 | 4 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
wickedletters.com
wickedletters.com |
82 KB |
3 |
bunny.net
fonts.bunny.net — Cisco Umbrella Rank: 15346 |
31 KB |
8 | 2 |
Domain | Requested by | |
---|---|---|
5 | wickedletters.com |
wickedletters.com
|
3 | fonts.bunny.net |
wickedletters.com
fonts.bunny.net |
8 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.typotheque.com |
rosettatype.com |
www.instagram.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
wickedletters.com WR1 |
2024-07-25 - 2024-10-23 |
3 months | crt.sh |
fonts.bunny.net R11 |
2024-07-06 - 2024-10-04 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://wickedletters.com/
Frame ID: FC96AAA44B8FC7D28D7B80CE2A548E2E
Requests: 9 HTTP requests in this frame
5 Outgoing links
These are links going to different origins than the main page.
Title: Nocturno Text Georgian
Search URL Search Domain Scan URL
Title: Nocturno Display Georgian
Search URL Search Domain Scan URL
Title: Nocturno Stencil Georgian
Search URL Search Domain Scan URL
Title: Adapter Georgian
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
wickedletters.com/ |
18 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-C74azAxa.js
wickedletters.com/assets/ |
44 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-D6jsvaBf.css
wickedletters.com/assets/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.bunny.net/ |
61 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Persepolis2-Regular-7gG2jxam.otf
wickedletters.com/assets/ |
59 KB 60 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
noto-sans-latin-600-normal.woff2
fonts.bunny.net/noto-sans/files/ |
14 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
noto-sans-latin-400-normal.woff2
fonts.bunny.net/noto-sans/files/ |
13 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
LOGO-CvB_fUlp.svg
wickedletters.com/assets/ |
2 KB 656 B |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| stretchText function| specialEffects object| Alpine0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.bunny.net
wickedletters.com
194.164.74.56
2400:52e0:1e00::1082:1
2a02:4780:27:1614:0:103c:762c:5
173f548d991aa146e9d3563a46478dd3f29f78314736999c6fc937e23643447e
4c0aea6139bcfbb5d8295db45717b7dab4b1ea854564068c5cac0c2cefc679fd
64039f6b7689cc4ae132d6fedae067976aabe56ee346cc2148548f1b209c6bd6
6470d1e84ba7ef11de10c4f6a43e9fb5681f654ee45b07ccd951241b353568eb
b48183bfd99b57ec0d1b1d55068def243862b25a8f3d5500eeef58b37f84e413
c12684fb2807281e86e69c3462de707b415b08f6f5f6cfeb58e3fd64478663ff
c6494d651fed62dcf771564d978a0c660a4a174e0d7f16174a7d7023b8f22425
e55dd35ae5bd20e27d3af390f6cf2849bc2ad94e712c210c4bd1c8c7568d7704
f4fd2ae29a091ddb409ab9f3dde792e264d980fe2050d2ecb417605a0264fc52