www.gandalfshrektupacnigeria666.xyz Open in urlscan Pro
52.223.52.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gandalfshrektupacnigeria666.xyz/
Effective URL:
https://www.gandalfshrektupacnigeria666.xyz/
Submission: On October 10 via api (October 10th 2024, 11:32:37 pm UTC) from JP — Scanned from JP

Summary HTTP 19 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 19 HTTP transactions. The main IP is 52.223.52.2, located in United States and belongs to AMAZON-02, US. The main domain is www.gandalfshrektupacnigeria666.xyz.
TLS certificate: Issued by E6 on October 9th 2024. Valid for: 3 months.

This is the only time www.gandalfshrektupacnigeria666.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.223.52.2 52.223.52.2	16509 (AMAZON-02) (AMAZON-02)
10	2600:9000:277... 2600:9000:2772:ba00:d:ada1:a280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.65.168.68 18.65.168.68	16509 (AMAZON-02) (AMAZON-02)
1	142.251.42.163 142.251.42.163	15169 (GOOGLE) (GOOGLE)
5	3.164.121.117 3.164.121.117	16509 (AMAZON-02) (AMAZON-02)
19	5

2 52.223.52.2 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0b1d980e1f2226c6.awsglobalaccelerator.com

gandalfshrektupacnigeria666.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gandalfshrektupacnigeria666.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2772:ba00:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)

framerusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.65.168.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-168-68.nrt57.r.cloudfront.net

events.framer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.42.163 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.164.121.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-121-117.nrt12.r.cloudfront.net

framerusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	framerusercontent.com framerusercontent.com — Cisco Umbrella Rank: 26990	5 MB
2	framer.com events.framer.com — Cisco Umbrella Rank: 37544	7 KB
2	gandalfshrektupacnigeria666.xyz 1 redirects gandalfshrektupacnigeria666.xyz www.gandalfshrektupacnigeria666.xyz	12 KB
1	gstatic.com fonts.gstatic.com	74 KB
19	4

	Domain	Requested by
15	framerusercontent.com	www.gandalfshrektupacnigeria666.xyz
2	events.framer.com	www.gandalfshrektupacnigeria666.xyz events.framer.com
1	fonts.gstatic.com	www.gandalfshrektupacnigeria666.xyz
1	www.gandalfshrektupacnigeria666.xyz
1	gandalfshrektupacnigeria666.xyz	1 redirects
19	5

This site contains links to these domains. Also see Links.

Domain
x.com
t.me

Subject Issuer	Validity	Valid
www.gandalfshrektupacnigeria666.xyz E6	`2024-10-09` - `2025-01-07`	3 months	crt.sh
framerusercontent.com Amazon RSA 2048 M02	`2023-12-18` - `2025-01-14`	a year	crt.sh
events.framer.com Amazon RSA 2048 M03	`2024-04-09` - `2025-05-07`	a year	crt.sh
*.gstatic.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.gandalfshrektupacnigeria666.xyz/
Frame ID: D92133330D112DBE9CAC7774A961C4D6
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

$ETH

Page URL History Show full URLs

https://gandalfshrektupacnigeria666.xyz/ HTTP 308
https://www.gandalfshrektupacnigeria666.xyz/ Page URL

Page Statistics

19
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

5491 kB
Transfer

6315 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://x.com/gandalfshrek666

Search URL Search Domain Scan URL

URL: https://t.me/gandalfshrek666

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gandalfshrektupacnigeria666.xyz/ HTTP 308
https://www.gandalfshrektupacnigeria666.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gandalfshrektupacnigeria666.xyz/
Redirect Chain

https://gandalfshrektupacnigeria666.xyz/
https://www.gandalfshrektupacnigeria666.xyz/

66 KB
12 KB

263ms
39ms

Document
text/html

52.223.52.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.223.52.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0b1d980e1f2226c6.awsglobalaccelerator.com

Software

Framer/7da29d7 /

Resource Hash

fef96ed0b087d16421a373c4849ae2522e658d91d1ade0d837cb78ad27ce6c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 11913
content-type: text/html
date: Thu, 10 Oct 2024 23:32:27 GMT
etag: "cdb8cd5cb6f8d5fcf61698d37763256f"
last-modified: Thu, 10 Oct 2024 03:32:08 GMT
link: <https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server: Framer/7da29d7
server-timing: region;desc="ap-northeast-2", cache;desc="cached", ssg-status;desc="optimized", version;desc="7da29d7"
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=0, must-revalidate
content-length: 80
content-type: text/html; charset=utf-8
date: Thu, 10 Oct 2024 23:32:26 GMT
link: <https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
location: https://www.gandalfshrektupacnigeria666.xyz/
server: Framer/7da29d7
strict-transport-security: max-age=31536000

GET
H2 200 chunk-DGS2W3BE.mjs Show response
framerusercontent.com/sites/2gKi2s8nCAXErYiNAsaZwJ/ 619 KB
174 KB 15ms
6ms Script
text/javascript 2600:9000:2772:ba00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/2gKi2s8nCAXErYiNAsaZwJ/chunk-DGS2W3BE.mjs

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2772:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b83da7bfce836909654eec3d87140f36b0d22d41e064f9d4440567c71a7f9e9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.gandalfshrektupacnigeria666.xyz
Referer: https://www.gandalfshrektupacnigeria666.xyz/

Response headers

access-control-max-age: 0
content-encoding: br
etag: W/"d0f778497d913c0eb5df22a47e3e14a6"
x-amz-version-id: 22zjk2Uo.NeZVlRT1ls.yRlCD2_bb6NL
age: 84422
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 9aDy60EG_ucdoBSkRsaySkBZfoGz2mC3Vd3qqNffCKwZlZDUU3ddAg==
date: Thu, 10 Oct 2024 00:05:26 GMT
content-type: text/javascript
last-modified: Wed, 09 Oct 2024 23:02:20 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="NRT12-P3",cdn-rid;desc="9aDy60EG_ucdoBSkRsaySkBZfoGz2mC3Vd3qqNffCKwZlZDUU3ddAg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5e3bce6b6d5ddb4d2acecfc7512e032c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: NRT12-P3
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-RIUMFBNJ.mjs Show response
framerusercontent.com/sites/2gKi2s8nCAXErYiNAsaZwJ/ 447 B
1 KB 20ms
12ms Script
text/javascript 2600:9000:2772:ba00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/2gKi2s8nCAXErYiNAsaZwJ/chunk-RIUMFBNJ.mjs

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2772:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a9428e5e5f6c5ede3339114a8be6230e2cc39a2190d03f1092ae93bdaf556891

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.gandalfshrektupacnigeria666.xyz
Referer: https://www.gandalfshrektupacnigeria666.xyz/

Response headers

access-control-max-age: 0
etag: "30ed32fa3444df726bb60d89113cf478"
x-amz-version-id: VDdn4ilWStcKVv3fka9jIAxgnFFev8q2
age: 84422
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: bFUTGWa4khQ7nK7kohDzCiNFxsGWUNejDI9MmSxCCEBujXrzDH_j_A==
date: Thu, 10 Oct 2024 00:05:26 GMT
content-type: text/javascript
last-modified: Wed, 09 Oct 2024 23:02:20 GMT
vary: Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="NRT12-P3",cdn-rid;desc="bFUTGWa4khQ7nK7kohDzCiNFxsGWUNejDI9MmSxCCEBujXrzDH_j_A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5e3bce6b6d5ddb4d2acecfc7512e032c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 447
x-xss-protection: 0
x-amz-cf-pop: NRT12-P3
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 _YJZHVBv_I1B-Sn-th67l1ciPcz-zMFO1ozZljE0rt0.4FDRFU3F.mjs Show response
framerusercontent.com/sites/2gKi2s8nCAXErYiNAsaZwJ/ 35 KB
12 KB 7ms
4ms Script
text/javascript 2600:9000:2772:ba00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/2gKi2s8nCAXErYiNAsaZwJ/_YJZHVBv_I1B-Sn-th67l1ciPcz-zMFO1ozZljE0rt0.4FDRFU3F.mjs

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2772:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ce7a8267cca332a9c30046b42a72de5f23686e81c1663cf026c730d6c03f06fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.gandalfshrektupacnigeria666.xyz
Referer: https://www.gandalfshrektupacnigeria666.xyz/

Response headers

access-control-max-age: 0
content-encoding: gzip
etag: W/"891b08eb5afa78d423d3dcc7786d552b"
x-amz-version-id: .o7sQNPLlMnvahmi73s.tmKkZrHyccYX
age: 71012
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: f6aN6oisiKC0CSCYpStEYF3zc3yGaqoHQo4w9x_2rBlhOEyoIns3vw==
date: Thu, 10 Oct 2024 03:48:56 GMT
content-type: text/javascript
last-modified: Thu, 10 Oct 2024 03:32:07 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="NRT12-P3",cdn-rid;desc="f6aN6oisiKC0CSCYpStEYF3zc3yGaqoHQo4w9x_2rBlhOEyoIns3vw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5e3bce6b6d5ddb4d2acecfc7512e032c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: NRT12-P3
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 chunk-FZB56XQE.mjs Show response
framerusercontent.com/sites/2gKi2s8nCAXErYiNAsaZwJ/ 891 B
2 KB 10ms
7ms Script
text/javascript 2600:9000:2772:ba00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/2gKi2s8nCAXErYiNAsaZwJ/chunk-FZB56XQE.mjs

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2772:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

fe0d410e77c3c1a5633d72280424dedbdb103f480e16cddd52a295f4a0288f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.gandalfshrektupacnigeria666.xyz
Referer: https://www.gandalfshrektupacnigeria666.xyz/

Response headers

access-control-max-age: 0
etag: "de2cdb0b435136088fe9cb99a5cad913"
x-amz-version-id: cU43okXk3QRb3feJA_dIlmxj35Udvwvv
age: 71012
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: gRBlxS0wvU3vEiTkOaoLwe8e7RDgjLKUIjmJapZsGngljunsjtFzTg==
date: Thu, 10 Oct 2024 03:48:56 GMT
content-type: text/javascript
last-modified: Thu, 10 Oct 2024 03:32:07 GMT
vary: Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="NRT12-P3",cdn-rid;desc="gRBlxS0wvU3vEiTkOaoLwe8e7RDgjLKUIjmJapZsGngljunsjtFzTg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5e3bce6b6d5ddb4d2acecfc7512e032c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 891
x-xss-protection: 0
x-amz-cf-pop: NRT12-P3
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 script_main.FBICRXYJ.mjs Show response
framerusercontent.com/sites/2gKi2s8nCAXErYiNAsaZwJ/ 2 KB
2 KB 10ms
7ms Script
text/javascript 2600:9000:2772:ba00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/2gKi2s8nCAXErYiNAsaZwJ/script_main.FBICRXYJ.mjs

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2772:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

80e0fd7cabbc380d34d0e449ad62f622cf6ea970fc5c5164f026a1c0a011f994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.gandalfshrektupacnigeria666.xyz
Referer: https://www.gandalfshrektupacnigeria666.xyz/

Response headers

access-control-max-age: 0
content-encoding: gzip
etag: W/"71fe87a7046cea9d235feb984b233f21"
x-amz-version-id: dK.7f3XR4f852ggM1uUDoU9z5pke4gFr
age: 71012
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: TRGAIIg74hcblCTHKhLUYoRxeZk0UW2KzcRkkvwEKIhPCxuFRro_tg==
date: Thu, 10 Oct 2024 03:48:56 GMT
content-type: text/javascript
last-modified: Thu, 10 Oct 2024 03:32:07 GMT
vary: Accept-Encoding,Origin
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
server-timing: cdn-cache-hit,cdn-pop;desc="NRT12-P3",cdn-rid;desc="TRGAIIg74hcblCTHKhLUYoRxeZk0UW2KzcRkkvwEKIhPCxuFRro_tg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 5e3bce6b6d5ddb4d2acecfc7512e032c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: NRT12-P3
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 script Show response
events.framer.com/ 18 KB
6 KB 483ms
472ms Script
text/javascript 18.65.168.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.framer.com/script

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.168.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-168-68.nrt57.r.cloudfront.net

Software

Resource Hash

42ab97de3b62ec15ffd05a8efec84ffdba67d5dad61da9b035cd5f2c10bcef84

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.gandalfshrektupacnigeria666.xyz/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amzn-remapped-content-length: 18060
timestamp: Thu, 10 Oct 2024 23:30:14 GMT
content-encoding: gzip
x-amz-apigw-id: fdSR8EvEoAMEVRA=
x-amzn-trace-id: Root=1-6708640c-1d91582d32a86bc66d259559
x-amzn-requestid: b665371e-372f-4859-bc83-b66937a402e3
via: 1.1 c48b5b0fd428fb86c275c538e5240570.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 6151
x-amz-cf-id: dP_QNdQBjq6OIzoSVvVdacncTXQhtkSRCdmsmZgYgMvenpVsGgmuAA==
date: Thu, 10 Oct 2024 23:32:28 GMT
content-type: text/javascript
x-amz-cf-pop: NRT57-P1

GET
H2 200 vTfWnMCTZe8aVlpSDILoHoO3cY.webp
framerusercontent.com/images/ 231 KB
233 KB 9ms
8ms Image
image/webp 2600:9000:2772:ba00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/vTfWnMCTZe8aVlpSDILoHoO3cY.webp

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2772:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

540b5f8f7d1923ff2e6630e4538c87979fe23153dcfa6364ff7021a7bd9e6ca2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.gandalfshrektupacnigeria666.xyz/

Response headers

etag: "1fa58ac8d3feb3c6e4d134fe0a810183"
age: 93290
x-content-type-options: nosniff
x-amzn-requestid: 69343f50-4808-48b6-9510-0f0a75a1fbda
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: aM3ZEveYhtURx-NhM75HTsH0w26J-5Odw5R-X63k73NiqglZx0uxIw==
date: Wed, 09 Oct 2024 21:37:37 GMT
content-type: image/webp
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="NRT12-P3",cdn-rid;desc="aM3ZEveYhtURx-NhM75HTsH0w26J-5Odw5R-X63k73NiqglZx0uxIw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6706f79f-67b7671e6f1702792f2bdb93;Sampled=1;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6a949c9479291618ae4e64d8a11e0c50.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: NRT12-P3

GET
H2 200 uCafR79pFv1astul7DnNiSzCIEI.gif
framerusercontent.com/images/ 61 KB
62 KB 7ms
7ms Image
image/webp 2600:9000:2772:ba00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/uCafR79pFv1astul7DnNiSzCIEI.gif

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2772:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b7bc69e23b22edc68c52d3243e24ffc907b94f28a17ee9672a1cfc1a3e9dbe09

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.gandalfshrektupacnigeria666.xyz/

Response headers

etag: "40453ba31fa6af3495d3901d9fb2c1da"
age: 92861
x-content-type-options: nosniff
x-amzn-requestid: 368ddf8d-f830-4a6e-9eb4-6afa608c8c63
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: z7Vs1uU_S1FyUlb2ERA6NSgxdlgeu0tvdEgvEkRVeJcNQagUOWKzvg==
date: Wed, 09 Oct 2024 21:44:46 GMT
content-type: image/webp
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="NRT12-P3",cdn-rid;desc="z7Vs1uU_S1FyUlb2ERA6NSgxdlgeu0tvdEgvEkRVeJcNQagUOWKzvg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6706f94e-2134eff616aa33b62f647921;Parent=408a13006c51883f;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6a949c9479291618ae4e64d8a11e0c50.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: NRT12-P3

GET
H2 200 t119bD4egrwr23Qs33Dkd2BqKA.gif
framerusercontent.com/images/ 46 KB
47 KB 7ms
5ms Image
image/webp 2600:9000:2772:ba00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/t119bD4egrwr23Qs33Dkd2BqKA.gif

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2772:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

168c1556599ec9ad3c8cb72f0e107a07b67a3805e5bf08064b90cd87758568e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.gandalfshrektupacnigeria666.xyz/

Response headers

etag: "189469eaeb4ef7c90b56faef2e3728ad"
age: 92668
x-content-type-options: nosniff
x-amzn-requestid: 0f7e803d-2839-48bb-a698-13ae3dc7f2ca
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Xg1Ns-vOpGz__u48jKSORryKzv1DvsHo3TgSWzYSnCouOPee57fM2w==
date: Wed, 09 Oct 2024 21:47:59 GMT
content-type: image/webp
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="NRT12-P3",cdn-rid;desc="Xg1Ns-vOpGz__u48jKSORryKzv1DvsHo3TgSWzYSnCouOPee57fM2w==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6706fa0e-28955edd49a775a35a1b5661;Sampled=1;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6a949c9479291618ae4e64d8a11e0c50.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: NRT12-P3

GET
H2 200 O2MbCLTXo6gCjj355IvxmDQArZc.gif
framerusercontent.com/images/ 58 KB
59 KB 8ms
6ms Image
image/webp 2600:9000:2772:ba00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/O2MbCLTXo6gCjj355IvxmDQArZc.gif

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2772:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

71e73f753d3c348e0749e0a7433954be0f5ca7cd4d9b753f3f71cef388ad9951

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.gandalfshrektupacnigeria666.xyz/

Response headers

etag: "e5619a334fdc29a2fffff51bed689495"
age: 92668
x-content-type-options: nosniff
x-amzn-requestid: 09cf11cd-af1e-4e0a-8cfe-9ec7121915b1
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: OPWUSMsY04LFalLiX-NKror0ha6Yn9yfVFCDapdhsoXzs4m0FsXbYw==
date: Wed, 09 Oct 2024 21:47:59 GMT
content-type: image/webp
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="NRT12-P3",cdn-rid;desc="OPWUSMsY04LFalLiX-NKror0ha6Yn9yfVFCDapdhsoXzs4m0FsXbYw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6706fa0f-279e346a3b9be9193485b2fe;Sampled=1;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6a949c9479291618ae4e64d8a11e0c50.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: NRT12-P3

GET
H2 200 r8kUZNIppOan354rshaUcDaDQ.gif
framerusercontent.com/images/ 34 KB
35 KB 9ms
7ms Image
image/webp 2600:9000:2772:ba00:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/r8kUZNIppOan354rshaUcDaDQ.gif

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2772:ba00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

75907d1a9af92f671db379b229e995b75fb159fac13a56b0e108fe7b1e1ba065

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.gandalfshrektupacnigeria666.xyz/

Response headers

etag: "5201d756191a06f1e9478b918397e536"
age: 92668
x-content-type-options: nosniff
x-amzn-requestid: 38bd97db-841f-4dd1-a6e3-35964024feee
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: YZW_4PGpzcZ5hJS4p8dZ363aZdbSD9BCDtPLD4Dlx5bPzKW41iZW5w==
date: Wed, 09 Oct 2024 21:47:59 GMT
content-type: image/webp
vary: Accept
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
server-timing: cdn-cache-hit,cdn-pop;desc="NRT12-P3",cdn-rid;desc="YZW_4PGpzcZ5hJS4p8dZ363aZdbSD9BCDtPLD4Dlx5bPzKW41iZW5w==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6706fa0f-16bc1934124eab682369fb0d;Parent=22efbea495984c65;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 6a949c9479291618ae4e64d8a11e0c50.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: NRT12-P3

GET
H3 200 jVyO7nf_B2zO5jVpUGU8ljQDf8k.woff2
fonts.gstatic.com/s/jacquard24/v2/ 74 KB
74 KB 56ms
7ms Font
font/woff2 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jacquard24/v2/jVyO7nf_B2zO5jVpUGU8ljQDf8k.woff2

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

sffe /

Resource Hash

a9d58df8e8075b5507b9a27b581c59171f3244c5095f36639ad03ffc01f7ec13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.gandalfshrektupacnigeria666.xyz
Referer: https://www.gandalfshrektupacnigeria666.xyz/

Response headers

age: 18714
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 18:20:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 18:20:33 GMT
last-modified: Thu, 11 Apr 2024 18:31:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 75328
x-xss-protection: 0
server: sffe

GET
H3 206 v2ftpRqHKB3zP474vIyvQwVFZto.mp4
framerusercontent.com/assets/ 4 MB
4 MB 7ms
7ms Media
video/mp4 3.164.121.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/v2ftpRqHKB3zP474vIyvQwVFZto.mp4

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

3.164.121.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-164-121-117.nrt12.r.cloudfront.net

Software

CloudFront /

Resource Hash

58b611907fd05352feb5b818c299cd1fefbde188993f762056b4e265d7aea930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://www.gandalfshrektupacnigeria666.xyz/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

etag: "61c48be547438f24c5a7afad9b93d344"
x-amz-version-id: .iJbzHlJhLow1tN2e3qz.RqwMovsN220
age: 84138
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="NRT12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="aVpCQ_HwsoIxYiprGhKrze94i8aj2FDX2_B6AjywO7Mr-AbZM9Wq3w==",cdn-downstream-fbl=2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 00:10:10 GMT
content-type: video/mp4
last-modified: Wed, 09 Oct 2024 21:42:07 GMT
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-id: aVpCQ_HwsoIxYiprGhKrze94i8aj2FDX2_B6AjywO7Mr-AbZM9Wq3w==
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
Content-Range: bytes 0-3977261/3977262
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f76917b432f94f721577901af1dbe63e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 3977262
x-xss-protection: 0
x-amz-cf-pop: NRT12-P3
server: CloudFront
x-amz-server-side-encryption: aws:kms

GET
H3 206 1FktKhUAEic17MWSkgbmB7nF3Q.mp3
framerusercontent.com/assets/ 771 KB
771 KB 9ms
8ms Media
audio/mpeg 3.164.121.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/1FktKhUAEic17MWSkgbmB7nF3Q.mp3

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

3.164.121.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-164-121-117.nrt12.r.cloudfront.net

Software

CloudFront /

Resource Hash

a89ec196ff08e7fea519f359d0e1b9c089e20a3bc97b46e9a021f25a733e6844

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://www.gandalfshrektupacnigeria666.xyz/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

etag: "8851052bcb7949423cb42c12570c74f3"
x-amz-version-id: whSjPMvNDzWnGVnozs9QEoSWYqMRRwSc
age: 84422
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="NRT12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="xxSXCB7_8A6HrteI7FaKiHW_A1Olxqk45y6fEbmNhuRQMB2FeRfAZw==",cdn-downstream-fbl=3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 00:05:25 GMT
content-type: audio/mpeg
last-modified: Wed, 09 Oct 2024 22:30:28 GMT
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-id: xxSXCB7_8A6HrteI7FaKiHW_A1Olxqk45y6fEbmNhuRQMB2FeRfAZw==
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
Content-Range: bytes 0-789155/789156
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f76917b432f94f721577901af1dbe63e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 789156
x-xss-protection: 0
x-amz-cf-pop: NRT12-P3
server: CloudFront
x-amz-server-side-encryption: aws:kms

GET
H3 206 1FktKhUAEic17MWSkgbmB7nF3Q.mp3
framerusercontent.com/assets/ 29 KB
0 24ms
10ms Media
audio/mpeg 3.164.121.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/1FktKhUAEic17MWSkgbmB7nF3Q.mp3

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

3.164.121.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-164-121-117.nrt12.r.cloudfront.net

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://www.gandalfshrektupacnigeria666.xyz/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

etag: "8851052bcb7949423cb42c12570c74f3"
x-amz-version-id: whSjPMvNDzWnGVnozs9QEoSWYqMRRwSc
age: 84422
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="NRT12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="5d6HQGZ4Q2IYHmVYBPfhmbvHONbCtdDnwnVUM9kfLr75wfxfIz9fSA==",cdn-downstream-fbl=2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 00:05:25 GMT
content-type: audio/mpeg
last-modified: Wed, 09 Oct 2024 22:30:28 GMT
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-id: 5d6HQGZ4Q2IYHmVYBPfhmbvHONbCtdDnwnVUM9kfLr75wfxfIz9fSA==
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
Content-Range: bytes 0-789155/789156
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f76917b432f94f721577901af1dbe63e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 789156
x-xss-protection: 0
x-amz-cf-pop: NRT12-P3
server: CloudFront
x-amz-server-side-encryption: aws:kms

GET
H3 206 Gw4ogotH2M3vwBULlZ1y9sihfyI.mp4
framerusercontent.com/assets/ 271 KB
0 11ms
11ms Media
video/mp4 3.164.121.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/assets/Gw4ogotH2M3vwBULlZ1y9sihfyI.mp4

Requested by

Host: www.gandalfshrektupacnigeria666.xyz
URL: https://www.gandalfshrektupacnigeria666.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

3.164.121.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-164-121-117.nrt12.r.cloudfront.net

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://www.gandalfshrektupacnigeria666.xyz/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

etag: "d5299b1dcf6df4e1c681a81e664fc69b"
x-amz-version-id: q1mkRlw6e3M2EoSRfBq_WKR66YH7PZlb
age: 84138
x-content-type-options: nosniff
server-timing: cdn-cache-hit,cdn-pop;desc="NRT12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="lISW2-7Z5qFTmduIPtfpuJ0nmlPH34_Ih4gLXlUS56NjYxd3Od5EKw==",cdn-downstream-fbl=4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 00:10:10 GMT
content-type: video/mp4
last-modified: Wed, 09 Oct 2024 21:39:20 GMT
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-id: lISW2-7Z5qFTmduIPtfpuJ0nmlPH34_Ih4gLXlUS56NjYxd3Od5EKw==
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
Content-Range: bytes 0-3991802/3991803
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f76917b432f94f721577901af1dbe63e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 3991803
x-xss-protection: 0
x-amz-cf-pop: NRT12-P3
server: CloudFront
x-amz-server-side-encryption: aws:kms

POST
H2 200 anonymous
events.framer.com/ 0
364 B 484ms
484ms Ping
application/json 18.65.168.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: events.framer.com
URL: https://events.framer.com/script
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.168.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-168-68.nrt57.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.gandalfshrektupacnigeria666.xyz/

Response headers

x-amz-apigw-id: fdSSBHHVoAMEN9Q=
x-amzn-trace-id: Root=1-6708640c-65109419678aad3329d175b5;Sampled=1;Lineage=1:c457ad49:0
x-amzn-requestid: 0f2302c8-613d-4d4a-818f-1f2895f4195d
via: 1.1 c48b5b0fd428fb86c275c538e5240570.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: XigNpt7XLstb3rES8cA14k7Wlw8SNQ-nl9r9zmqDMY8KSRs5mknpGA==
date: Thu, 10 Oct 2024 23:32:28 GMT
content-type: application/json
x-amz-cf-pop: NRT57-P1

GET
H3 200 4SAQ1NnosO3JhSvTzV0khHvXW0.png
framerusercontent.com/images/ 114 KB
115 KB 7ms
7ms Other
image/avif 3.164.121.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/images/4SAQ1NnosO3JhSvTzV0khHvXW0.png

Protocol

Security

QUIC, , AES_128_GCM

Server

3.164.121.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-164-121-117.nrt12.r.cloudfront.net

Software

Resource Hash

9dd2aa9a6d1c2b8ff60aab8faba7ad704882a70ac70aa798bc583e689dafedef

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.gandalfshrektupacnigeria666.xyz/

Response headers

etag: "d6434a6369232c34d1faf0841531d887"
age: 93764
x-content-type-options: nosniff
x-amzn-requestid: 715857a4-ff37-4f12-8448-69f47f2366ac
server-timing: cdn-cache-hit,cdn-pop;desc="NRT12-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="bbGNhPXApeZm1mIOBPoXT6wNnh7VCoS0iTG4FkkfekFKuMiCnmt-3g==",cdn-downstream-fbl=3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
date: Wed, 09 Oct 2024 21:29:44 GMT
content-type: image/avif
vary: Accept
x-amz-cf-id: bbGNhPXApeZm1mIOBPoXT6wNnh7VCoS0iTG4FkkfekFKuMiCnmt-3g==
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6706f5c6-1018e57563e7ee914698b18a;Parent=13799ee4c7f9a27b;Sampled=0;Lineage=1:f456f256:0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f76917b432f94f721577901af1dbe63e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 0
x-amz-cf-pop: NRT12-P3

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

events.framer.com
fonts.gstatic.com
framerusercontent.com
gandalfshrektupacnigeria666.xyz
www.gandalfshrektupacnigeria666.xyz
142.251.42.163
18.65.168.68
2600:9000:2772:ba00:d:ada1:a280:93a1
3.164.121.117
52.223.52.2
168c1556599ec9ad3c8cb72f0e107a07b67a3805e5bf08064b90cd87758568e3
42ab97de3b62ec15ffd05a8efec84ffdba67d5dad61da9b035cd5f2c10bcef84
540b5f8f7d1923ff2e6630e4538c87979fe23153dcfa6364ff7021a7bd9e6ca2
58b611907fd05352feb5b818c299cd1fefbde188993f762056b4e265d7aea930
71e73f753d3c348e0749e0a7433954be0f5ca7cd4d9b753f3f71cef388ad9951
75907d1a9af92f671db379b229e995b75fb159fac13a56b0e108fe7b1e1ba065
80e0fd7cabbc380d34d0e449ad62f622cf6ea970fc5c5164f026a1c0a011f994
9dd2aa9a6d1c2b8ff60aab8faba7ad704882a70ac70aa798bc583e689dafedef
a89ec196ff08e7fea519f359d0e1b9c089e20a3bc97b46e9a021f25a733e6844
a9428e5e5f6c5ede3339114a8be6230e2cc39a2190d03f1092ae93bdaf556891
a9d58df8e8075b5507b9a27b581c59171f3244c5095f36639ad03ffc01f7ec13
b7bc69e23b22edc68c52d3243e24ffc907b94f28a17ee9672a1cfc1a3e9dbe09
b83da7bfce836909654eec3d87140f36b0d22d41e064f9d4440567c71a7f9e9e
ce7a8267cca332a9c30046b42a72de5f23686e81c1663cf026c730d6c03f06fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe0d410e77c3c1a5633d72280424dedbdb103f480e16cddd52a295f4a0288f78
fef96ed0b087d16421a373c4849ae2522e658d91d1ade0d837cb78ad27ce6c14

www.gandalfshrektupacnigeria666.xyz Open in urlscan Pro 52.223.52.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

19 Requests

100 %HTTPS

20 %IPv6

4 Domains

5 Subdomains

5 IPs

1 Countries

5491 kBTransfer

6315 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.gandalfshrektupacnigeria666.xyz Open in urlscan Pro
52.223.52.2 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

5491 kB
Transfer

6315 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions