wickedapp.co Open in urlscan Pro
2606:4700:20::681a:d24 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wickedapp.co/
Submission Tags: phishingrod
Submission: On September 21 via api (September 21st 2024, 3:21:32 am UTC) from DE — Scanned from US

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2606:4700:20::681a:d24, located in United States and belongs to CLOUDFLARENET, US. The main domain is wickedapp.co.
TLS certificate: Issued by WE1 on August 31st 2024. Valid for: 3 months.

This is the only time wickedapp.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2606:4700:20:... 2606:4700:20::681a:d24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.64.99 142.250.64.99	15169 (GOOGLE) (GOOGLE)
17	5

9 2606:4700:20::681a:d24 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wickedapp.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f8cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.64.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	wickedapp.co 1 redirects wickedapp.co	196 KB
6	gstatic.com fonts.gstatic.com	343 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 803	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	2 KB
17	4

	Domain	Requested by
9	wickedapp.co	1 redirects wickedapp.co
6	fonts.gstatic.com	fonts.googleapis.com
2	unpkg.com	1 redirects wickedapp.co
2	fonts.googleapis.com	wickedapp.co
17	4

This site contains links to these domains. Also see Links.

Domain
ko-fi.com

Subject Issuer	Validity	Valid
wickedapp.co WE1	`2024-08-31` - `2024-11-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://wickedapp.co/
Frame ID: AA10D2CD6C8CCE2C1435F6D7582E1446
Requests: 16 HTTP requests in this frame

Frame: https://wickedapp.co/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: C6325514368CBFD79C8AD8A032DB9705
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wicked

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

88 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

562 kB
Transfer

636 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ko-fi.com/hearse
Title: Donate

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://unpkg.com/htmx.org@1.9.6 HTTP 302
https://unpkg.com/htmx.org@1.9.6/dist/htmx.min.js

Request Chain 13

https://wickedapp.co/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://wickedapp.co/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js

17 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wickedapp.co/ 7 KB
3 KB 207ms
109ms Document
text/html 2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedapp.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Hono
Resource Hash: cc1bdd833385a66dd871e62ff344c2142a9bf590d7ccc047f35d213823c50d48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-ray: 8c66ecd7cba13713-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 21 Sep 2024 03:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VBfYnhNLMZZjbH%2FjcOhzq5Y5CSydhjM5GcmgMUBRvp3u9WsWuUxbFHKOdapIJTceQvbe5c6y1n8NyLLfPqHwOk4tVU30kYHENcq2ZbNL%2BGfnLs6XYBh9cS5OoFUQEDxfD64ctqW710%2BSEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Hono

GET
H2 200 css2
fonts.googleapis.com/ 696 B
873 B 221ms
81ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined

Requested by

Host: wickedapp.co
URL: https://wickedapp.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c0a23658a3dc495d592ac1a7e92c5a353f12d5ef2dea420c59dc1bafde0a677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wickedapp.co/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 21 Sep 2024 03:21:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Sep 2024 03:21:27 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 21 Sep 2024 03:21:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2

200

htmx.min.js Show response
unpkg.com/htmx.org@1.9.6/dist/
Redirect Chain

https://unpkg.com/htmx.org@1.9.6
https://unpkg.com/htmx.org@1.9.6/dist/htmx.min.js

45 KB
21 KB

41ms
41ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/htmx.org@1.9.6/dist/htmx.min.js

Requested by

Host: wickedapp.co
URL: https://wickedapp.co/

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbb723c305cf6d6315c890909815523588509e2e092a59f8cfc4a885829689d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wickedapp.co/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "b3dc-BNiLAwytQYKI/1Irrk3yUZQcUPE"
age: 17832795
x-content-type-options: nosniff
date: Sat, 21 Sep 2024 03:21:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HQNTWS87VA5FVNNS8F2XZHBW-mia
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8c66ecd95ad10a12-MIA
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
location: /htmx.org@1.9.6/dist/htmx.min.js
content-encoding: gzip
cf-cache-status: HIT
age: 17822217
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8c66ecd91a9b0a12-MIA
access-control-allow-origin: *
date: Sat, 21 Sep 2024 03:21:27 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01HQP4ZM08W3N814A5KP6GSWSG-mia
server: cloudflare

GET
H2 200 styles.css
wickedapp.co/static/ 13 KB
4 KB 198ms
197ms Stylesheet
text/css 2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedapp.co/static/styles.css
Requested by: Host: wickedapp.co
URL: https://wickedapp.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Hono
Resource Hash: cdca1ba0298054f2d497b8732903d4d5bf9edc33444fe2ea83b9e592a09da63f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wickedapp.co/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SYE3HhZZUQ1mLG7fwFjY0Ijw8H8BxWTUYivY4OHxjRZLiyqp9xmc72Vq6TREgq5881qFP6AwGuXPCrJDJvwJUrdb8EScxDpFH%2Bj1pZCR0FvsBwyr1r2vAw1vkBa1vNMLnF89iJqUlwNpmw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c66ecd88c173713-MIA
date: Sat, 21 Sep 2024 03:21:27 GMT
content-type: text/css; charset=utf-8
x-powered-by: Hono
server: cloudflare
vary: Accept-Encoding

GET
H2 200 wicked-logo.png
wickedapp.co/static/ 58 KB
58 KB 198ms
198ms Image
image/png 2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wickedapp.co/static/wicked-logo.png
Requested by: Host: wickedapp.co
URL: https://wickedapp.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Hono
Resource Hash: 266942dbfd154991d17f74e8a1d925da38bfc0a89aaa8fa30ba0a7cdfbd95007

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wickedapp.co/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dH%2Bwzc6BoSoATSu6Iomhp2z%2FHabjmaTCMD%2BWa2cfEYqwvQB6473WlyRsvwNROVMrO%2BJc8xGE0Fznn5yT40C4%2Bk%2FvjnrZ4F8deeYX9X91zb2n2RbDtjTuUPQD48wGVTO5jnNZGFGHJB%2Bpg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c66ecd88c183713-MIA
content-length: 59412
date: Sat, 21 Sep 2024 03:21:27 GMT
content-type: image/png
x-powered-by: Hono
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
1 KB 83ms
82ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: wickedapp.co
URL: https://wickedapp.co/static/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afdd76f6919dc340e54a1045e6f4a8fc840a922c8efd1d07cc5bcdf448373a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wickedapp.co/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 21 Sep 2024 03:21:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Sep 2024 03:21:27 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 21 Sep 2024 03:04:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
DATA 200
OK truncated
/ 151 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c044baab4bac7964d6f27df256adb5db8457a4be0580d44e21d6d2a52869a3e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 Aspal.ttf
wickedapp.co/static/ 17 KB
9 KB 204ms
200ms Font
font/ttf 2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedapp.co/static/Aspal.ttf
Requested by: Host: wickedapp.co
URL: https://wickedapp.co/static/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Hono
Resource Hash: 9ce3796fc8d1467074f0e28ba86075991be54e4301aa5684e9cd7d38da970183

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://wickedapp.co
Referer: https://wickedapp.co/static/styles.css

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2yTtgo6NuLwp%2FURTHFHcpStoaBLv%2B8eVz%2FP7raNai81PvIo1RkQj9%2BibTyAyWBeYEc%2FXEQQOHcGKUwdduQlrnj9wJ%2BSUgZqE9P1Isi6ppaz%2Fwx8%2FaVZJxwaPAKl2Zh7p6XhfI95vr22o5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c66ecdaedc33713-MIA
date: Sat, 21 Sep 2024 03:21:27 GMT
content-type: font/ttf
x-powered-by: Hono
server: cloudflare
vary: Accept-Encoding

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 140ms
63ms Font
font/woff2 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://wickedapp.co
Referer: https://fonts.googleapis.com/

Response headers

age: 207873
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 18 Sep 2025 17:36:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 17:36:54 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 142ms
66ms Font
font/woff2 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://wickedapp.co
Referer: https://fonts.googleapis.com/

Response headers

age: 205049
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 18 Sep 2025 18:23:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 18:23:58 GMT
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18492
x-xss-protection: 0
server: sffe

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v32/ 20 KB
20 KB 190ms
114ms Font
font/woff2 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

sffe /

Resource Hash

a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://wickedapp.co
Referer: https://fonts.googleapis.com/

Response headers

age: 207163
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 18 Sep 2025 17:48:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 17:48:44 GMT
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20144
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 215ms
138ms Font
font/woff2 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://wickedapp.co
Referer: https://fonts.googleapis.com/

Response headers

age: 206800
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 18 Sep 2025 17:54:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 17:54:47 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p_4MrImHCIJIZrDCvHOej.woff2
fonts.gstatic.com/s/materialsymbolsoutlined/v207/ 249 KB
249 KB 328ms
252ms Font
font/woff2 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialsymbolsoutlined/v207/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p_4MrImHCIJIZrDCvHOej.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

sffe /

Resource Hash

652375147000cd6611fb11bbdb01465c11259575aef7c62647cc1bb30873d524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://wickedapp.co
Referer: https://fonts.googleapis.com/

Response headers

age: 213421
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 18 Sep 2025 16:04:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 16:04:26 GMT
last-modified: Thu, 05 Sep 2024 16:24:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 254912
x-xss-protection: 0
server: sffe

GET
H3 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 20 KB
20 KB 236ms
160ms Font
font/woff2 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

sffe /

Resource Hash

d6d436fde6c23ffcdf1adc1626ace4d8f58086e98228f2451e5a65b248309260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://wickedapp.co
Referer: https://fonts.googleapis.com/

Response headers

age: 212609
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 18 Sep 2025 16:17:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 16:17:58 GMT
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20216
x-xss-protection: 0
server: sffe

GET
H2

200

main.js Show response
wickedapp.co/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame C632
Redirect Chain

https://wickedapp.co/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://wickedapp.co/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

8 KB
4 KB

39ms
38ms

Script
application/javascript

2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wickedapp.co/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

Requested by

Host: wickedapp.co
URL: https://wickedapp.co/

Protocol

Server

2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da488a0c98872d388879b91e859650de6117feba37f4d6f72980f2b83ecfc7eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y1Uu52WIGDA%2FjGV8bbwn3F0zzEWurqkx0jcYBr00nCe4pRFnBXfjBAwpMPAkbaQ33el3cwNsuNyp1GdbEzHwjAaHnAtW1PAMA6K0%2B2axqIhARea2qqgku04GkWAjPdgURuZWgnyebdDAmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8c66ecdb7e133713-MIA
date: Sat, 21 Sep 2024 03:21:27 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U9oEg%2Bt6Ji%2FQqSo1DLX9ieMBeOhjxXSqj4%2BYC49coczEvNodellLl00N82acYkhqY3%2FVzEXboa%2BblryPrPX26Ble7mQwVYc63jnt6NK3Tf7nndhyCExceVFTXG%2FaQIlpRVKWXAw4r9Nsuw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c66ecdafdca3713-MIA
access-control-allow-origin: *
content-length: 0
date: Sat, 21 Sep 2024 03:21:27 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 200 8c66ecd7cba13713 Show response
wickedapp.co/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame C632 0
869 B 76ms
72ms XHR
text/plain 2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedapp.co/cdn-cgi/challenge-platform/h/g/jsd/r/8c66ecd7cba13713
Requested by: Host: wickedapp.co
URL: https://wickedapp.co/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8c66ecdc8e9d3713-MIA
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 0
date: Sat, 21 Sep 2024 03:21:27 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=50Ut5MbZbUaEz%2FvKIxSKpWAjHaTZ%2Fo3bBgFtN1ad%2F1r0P1GAfFrDuYm0qhFZCw66DfWzzkiFgbeq8WYT59mDQpHErb8nSCvhodeSRaHe7zattEpnaMqqscaNsCOy85LvG37kVFkf22wCrg%3D%3D"}],"group":"cf-nel","max_age":604800}

GET
H2 200 wicked-logo.png
wickedapp.co/static/ 58 KB
58 KB 53ms
52ms Other
image/png 2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedapp.co/static/wicked-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Hono
Resource Hash: 266942dbfd154991d17f74e8a1d925da38bfc0a89aaa8fa30ba0a7cdfbd95007

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wickedapp.co/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UETkZ180%2BiH61rtPW6rUVIs1abSK%2BWgPJJ3LeIYYtFhXSORbyh4YtNyqwbxw%2FyPRLaKUJiL%2BZ3ogOWdNVlQscIC5jtoPDo9sWx%2BisozgK1HWNFIIsFT%2BptD4BcCPZH9L0EQaEXqGrwdraw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c66ecddaf4c3713-MIA
content-length: 59412
date: Sat, 21 Sep 2024 03:21:27 GMT
content-type: image/png
x-powered-by: Hono
server: cloudflare
vary: Accept-Encoding

GET
H2 200 wicked-logo.png
wickedapp.co/static/ 58 KB
58 KB 55ms
54ms Other
image/png 2606:4700:20::681a:d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedapp.co/static/wicked-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Hono
Resource Hash: 266942dbfd154991d17f74e8a1d925da38bfc0a89aaa8fa30ba0a7cdfbd95007

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wickedapp.co/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2xCRSJMCZp28BWQkhHUfeHlUiCnh0bzlhe4ZEY8V6K%2FaoT23z9m6Qi%2FrKvgT1q7d1WgMbkppjpVBzUinL%2BE460zWwdXfoSzOzQ7F3x84CAC3KAa3r42DIPWOAEDicCY6jJa0MnpPxcbuw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c66ecde5fa63713-MIA
content-length: 59412
date: Sat, 21 Sep 2024 03:21:28 GMT
content-type: image/png
x-powered-by: Hono
server: cloudflare
vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| htmx

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.wickedapp.co/	1970-01-21 08:27:04	Name: cf_clearance Value: E3qIiFykd4PVk5qTerOFrnULd.nVB1oXj4LLAhr93x4-1726888887-1.2.1.1-uitWwdUYF3gU8G2Cb9cXd34BLJxAtQy06uUDaSFiZLKafM_7OFD3NDgTBoP34vbJauwxRkXTs5R5FZABAKCsoZW.0.w1GD7j55lZhLqKz4VK9_KmiWPdaXAqMDDvrasEBnyYe_Oyr57aOD9GqyE4OobSgG02JUUxvLA6oTNixpAi4Sg6x7GReP.uu.qY0vi_9ncaU0B.VRNDvh094zxvZy1O11duqeXn8EJI2vZD1nX9LGewfniGui96Uw.JS4gw5PFjQWsPhRsLTA4gg3gk7Ne9aOtQjJ3Yb7Iey7wUf96OMlLvLyw.qYOvIhhiPyPrVMlRlTGwXgaJUb5rxriJYwvWKSqM8xk7_6OwfWkwsRc8vIWJBPDy4T.MZmxGOFsz

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
unpkg.com
wickedapp.co
142.250.64.99
2606:4700:20::681a:d24
2606:4700::6811:f8cb
2607:f8b0:4006:823::200a
0c0a23658a3dc495d592ac1a7e92c5a353f12d5ef2dea420c59dc1bafde0a677
266942dbfd154991d17f74e8a1d925da38bfc0a89aaa8fa30ba0a7cdfbd95007
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
652375147000cd6611fb11bbdb01465c11259575aef7c62647cc1bb30873d524
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9ce3796fc8d1467074f0e28ba86075991be54e4301aa5684e9cd7d38da970183
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
afdd76f6919dc340e54a1045e6f4a8fc840a922c8efd1d07cc5bcdf448373a66
c044baab4bac7964d6f27df256adb5db8457a4be0580d44e21d6d2a52869a3e6
cbb723c305cf6d6315c890909815523588509e2e092a59f8cfc4a885829689d5
cc1bdd833385a66dd871e62ff344c2142a9bf590d7ccc047f35d213823c50d48
cdca1ba0298054f2d497b8732903d4d5bf9edc33444fe2ea83b9e592a09da63f
d6d436fde6c23ffcdf1adc1626ace4d8f58086e98228f2451e5a65b248309260
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
da488a0c98872d388879b91e859650de6117feba37f4d6f72980f2b83ecfc7eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

wickedapp.co Open in urlscan Pro 2606:4700:20::681a:d24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

88 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

5 IPs

1 Countries

562 kBTransfer

636 kBSize

1 Cookies

1 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

wickedapp.co Open in urlscan Pro
2606:4700:20::681a:d24 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

88 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

562 kB
Transfer

636 kB
Size

1
Cookies

17 HTTP transactions
1 data transactions