wickednwildesites.com Open in urlscan Pro
18.218.185.231 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wickednwildesites.com/
Submission Tags: phishingrod
Submission: On May 09 via api (May 9th 2023, 4:44:41 pm UTC) from DE — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 21 HTTP transactions. The main IP is 18.218.185.231, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is wickednwildesites.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 9th 2023. Valid for: a year.

This is the only time wickednwildesites.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	18.218.185.231 18.218.185.231	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2 3	2600:9000:212... 2600:9000:2127:6c00:4:8ff3:780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.96 65.9.66.96	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	() ()
21	8

6 18.218.185.231 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-218-185-231.us-east-2.compute.amazonaws.com

wickednwildesites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
preprod.shoutsuite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2127:6c00:4:8ff3:780:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cdn.tiny.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-96.fra56.r.cloudfront.net

sp.tinymce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	wickednwildesites.com wickednwildesites.com	2 MB
3	tiny.cloud 2 redirects cdn.tiny.cloud — Cisco Umbrella Rank: 25135	159 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	2 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2495	250 B
1	shoutsuite.io preprod.shoutsuite.io	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	78 KB
1	tinymce.com sp.tinymce.com — Cisco Umbrella Rank: 25525	378 B
21	8

	Domain	Requested by
5	wickednwildesites.com	wickednwildesites.com
3	cdn.tiny.cloud	2 redirects wickednwildesites.com
2	fonts.googleapis.com	wickednwildesites.com
1	fonts.gstatic.com	fonts.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	preprod.shoutsuite.io	wickednwildesites.com
1	www.googletagmanager.com	wickednwildesites.com
1	sp.tinymce.com	wickednwildesites.com
21	8

This site contains no links.

Subject Issuer	Validity	Valid
Sectigo RSA Domain Validation Secure Server CA	`2023-05-09` - `2024-05-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
tinymce.com Amazon RSA 2048 M01	`2023-02-21` - `2023-07-20`	5 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.shoutsuite.io Sectigo RSA Domain Validation Secure Server CA	`2022-05-20` - `2023-05-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://wickednwildesites.com/
Frame ID: DC0FB559B92CCF8BABF90CDAC60171C7
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Social Owl

Detected technologies

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

/tiny_?mce(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

21
Requests

57 %
HTTPS

71 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

2799 kB
Transfer

3243 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://cdn.tiny.cloud/1/6utx5n6xl0j249jrskd41wwlf2g5u0m9zrvuq68bq8k04dbq/tinymce/5/tinymce.min.js HTTP 307
https://cdn.tiny.cloud/1/6utx5n6xl0j249jrskd41wwlf2g5u0m9zrvuq68bq8k04dbq/tinymce/5.10.7-133/tinymce.min.js HTTP 307
https://cdn.tiny.cloud/1/invalid-origin/tinymce/5.10.7-133/tinymce.min.js

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
wickednwildesites.com/ 989 B
1 KB 836ms
119ms Document
text/html 18.218.185.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wickednwildesites.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.185.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-185-231.us-east-2.compute.amazonaws.com
Software: Apache/2.4.53 () OpenSSL/1.0.2k-fips / Express
Resource Hash: 6ac9f122625df42ce4adc5068f29b1bbae5909b89ae38077a6f8ef41df09617e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=0
Connection: Keep-Alive
Content-Length: 989
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 May 2023 16:44:36 GMT
ETag: W/"3dd-188006029e7"
Keep-Alive: timeout=5, max=100
Last-Modified: Tue, 09 May 2023 11:58:02 GMT
Server: Apache/2.4.53 () OpenSSL/1.0.2k-fips
Via: 1.1 wickednwildesites.com (Apache/2.4.53)
X-Powered-By: Express

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 80ms
31ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@200;600;800&display=swap

Requested by

Host: wickednwildesites.com
URL: https://wickednwildesites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29ab6a537c1baec60896fa51b01970737a459d629e9f6a2b1bf97a1f3893b3d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickednwildesites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 May 2023 16:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 May 2023 16:44:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 May 2023 16:44:36 GMT

GET
H2

200

tinymce.min.js Show response
cdn.tiny.cloud/1/invalid-origin/tinymce/5.10.7-133/
Redirect Chain

https://cdn.tiny.cloud/1/6utx5n6xl0j249jrskd41wwlf2g5u0m9zrvuq68bq8k04dbq/tinymce/5/tinymce.min.js
https://cdn.tiny.cloud/1/6utx5n6xl0j249jrskd41wwlf2g5u0m9zrvuq68bq8k04dbq/tinymce/5.10.7-133/tinymce.min.js
https://cdn.tiny.cloud/1/invalid-origin/tinymce/5.10.7-133/tinymce.min.js

393 KB
158 KB

177ms
177ms

Script
application/javascript

2600:9000:2127:6c00:4:8ff3:780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tiny.cloud/1/invalid-origin/tinymce/5.10.7-133/tinymce.min.js
Requested by: Host: wickednwildesites.com
URL: https://wickednwildesites.com/
Protocol: H2
Server: 2600:9000:2127:6c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: 75bac4ef5ef2db81c16b100e15c6e678f9434ac522345027d50d6d3c14cef6b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickednwildesites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 16:44:36 GMT
content-encoding: gzip
via: 1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
server: nginx/1.20.0
etag: W/"RPVBR2MH2hTXxj4+mGS9PJFRQGAVReiw0S5HeWHSyPE="
access-control-max-age: 3600
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: *
x-amz-cf-id: s8IPhnPKMX2-lwMwdyBE1uM93R3Q_f4HLsgg59_LUr31mXjbojbN6Q==

Redirect headers

date: Tue, 09 May 2023 16:44:36 GMT
via: 1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: PRG50-C1
access-control-max-age: 3600
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
x-cache: Miss from cloudfront
location: https://cdn.tiny.cloud/1/invalid-origin/tinymce/5.10.7-133/tinymce.min.js
access-control-allow-origin: *
cache-control: public, s-maxage=10, max-age=0
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: *
content-length: 0
x-amz-cf-id: I3HJpK_DERE2lXlEp-yREI1l8QwIpdXyAKPGw_GmoCeXAN32SSyepQ==

GET
H/1.1 200
OK main.6c936e3c.js Show response
wickednwildesites.com/static/js/ 2 MB
2 MB 121ms
120ms Script
application/javascript 18.218.185.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wickednwildesites.com/static/js/main.6c936e3c.js
Requested by: Host: wickednwildesites.com
URL: https://wickednwildesites.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.185.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-185-231.us-east-2.compute.amazonaws.com
Software: Apache/2.4.53 () OpenSSL/1.0.2k-fips / Express
Resource Hash: f07251f14f1c9c8cdd311d7b4484cbd6e6ce5be6b5fdd947a48d6779346f33b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickednwildesites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 16:44:36 GMT
Via: 1.1 wickednwildesites.com (Apache/2.4.53)
Last-Modified: Tue, 09 May 2023 11:58:02 GMT
Server: Apache/2.4.53 () OpenSSL/1.0.2k-fips
X-Powered-By: Express
ETag: W/"236fd4-188006029eb"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2322388

GET
H/1.1 200
OK main.48bf9a78.css
wickednwildesites.com/static/css/ 253 KB
253 KB 121ms
121ms Stylesheet
text/css 18.218.185.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wickednwildesites.com/static/css/main.48bf9a78.css
Requested by: Host: wickednwildesites.com
URL: https://wickednwildesites.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.185.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-185-231.us-east-2.compute.amazonaws.com
Software: Apache/2.4.53 () OpenSSL/1.0.2k-fips / Express
Resource Hash: 2cf1db2251c5e57f7cb77644e6b41514637176482a18e450e98dfc74a572c3f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickednwildesites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 16:44:36 GMT
Via: 1.1 wickednwildesites.com (Apache/2.4.53)
Last-Modified: Tue, 09 May 2023 11:58:02 GMT
Server: Apache/2.4.53 () OpenSSL/1.0.2k-fips
X-Powered-By: Express
ETag: W/"3f300-188006029e7"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 258816

GET
H2 200 i
sp.tinymce.com/ 43 B
378 B 94ms
21ms Image
image/gif 65.9.66.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tinymce.com/i?aid=invalid-origin&tna=tinymce_cloud&p=web&dtm=1683650676804&stm=1683650676804&tz=Etc%2FUnknown&e=se&se_ca=script_load
Requested by: Host: wickednwildesites.com
URL: https://wickednwildesites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-96.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickednwildesites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 05:24:01 GMT
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2017 05:55:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 40836
etag: "fb02f374b8f73825415db1bccd4bd76d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 43
x-amz-cf-id: t4xIIvfz_P-yraMk3Xo5k_4YYK7ROoO5yVEbYLWmT4aYPs1Q-uzt2A==

GET
H2 200 css
fonts.googleapis.com/ 8 KB
861 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500

Requested by

Host: wickednwildesites.com
URL: https://wickednwildesites.com/static/css/main.48bf9a78.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a939643087135580491f7c0e68d61e5dcc158b010abceafd13eab220140f3f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickednwildesites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 May 2023 16:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 May 2023 16:32:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 May 2023 16:44:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 92ms
36ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H952CPTKJ7

Requested by

Host: wickednwildesites.com
URL: https://wickednwildesites.com/static/js/main.6c936e3c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08864a678bd10e7db7e80c395c7c16db242193a00c44878fa2a73fb48b0f3307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickednwildesites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 16:44:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79581
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 May 2023 16:44:37 GMT

GET
H/1.1 200 contentConfig Show response
preprod.shoutsuite.io/socialowl-services/marketingSite/ 6 KB
7 KB 3932ms
121ms Fetch
application/json 18.218.185.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://preprod.shoutsuite.io/socialowl-services/marketingSite/contentConfig?licenseeId=889

Requested by

Host: wickednwildesites.com
URL: https://wickednwildesites.com/static/js/main.6c936e3c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.218.185.231 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-218-185-231.us-east-2.compute.amazonaws.com

Software

Apache/2.4.53 () OpenSSL/1.0.2k-fips /

Resource Hash

f92a0b6bdc7f54226087d7b72c07c9e4ff065b00a7b70310016b8fe4b3b24582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickednwildesites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 16:44:41 GMT
Via: 1.1 shoutsuite.io (Apache/2.4.53)
X-Content-Type-Options: nosniff
Server: Apache/2.4.53 () OpenSSL/1.0.2k-fips
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
X-XSS-Protection: 1; mode=block
Expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 85ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H952CPTKJ7&gtm=45je3530&_p=468282273&cid=1588847484.1683650678&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=1&sid=1683650677&sct=1&seg=0&dl=https%3A%2F%2Fwickednwildesites.com%2F&dt=Social%20Owl&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H952CPTKJ7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickednwildesites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 16:44:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickednwildesites.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 8.63cb065d.chunk.js
wickednwildesites.com/static/js/ 24 KB
0 121ms
120ms Script
application/javascript 18.218.185.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wickednwildesites.com/static/js/8.63cb065d.chunk.js
Requested by: Host: wickednwildesites.com
URL: https://wickednwildesites.com/static/js/main.6c936e3c.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.185.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-185-231.us-east-2.compute.amazonaws.com
Software: Apache/2.4.53 () OpenSSL/1.0.2k-fips / Express
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickednwildesites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 16:44:41 GMT
Via: 1.1 wickednwildesites.com (Apache/2.4.53)
Last-Modified: Tue, 09 May 2023 11:58:02 GMT
Server: Apache/2.4.53 () OpenSSL/1.0.2k-fips
X-Powered-By: Express
ETag: W/"de493-188006029ef"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 910483

GET
H/1.1 200
OK 283.f1c49c8a.chunk.js
wickednwildesites.com/static/js/ 32 KB
0 121ms
120ms Script
application/javascript 18.218.185.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wickednwildesites.com/static/js/283.f1c49c8a.chunk.js
Requested by: Host: wickednwildesites.com
URL: https://wickednwildesites.com/static/js/main.6c936e3c.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.185.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-185-231.us-east-2.compute.amazonaws.com
Software: Apache/2.4.53 () OpenSSL/1.0.2k-fips / Express
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickednwildesites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 16:44:41 GMT
Via: 1.1 wickednwildesites.com (Apache/2.4.53)
Last-Modified: Tue, 09 May 2023 11:58:02 GMT
Server: Apache/2.4.53 () OpenSSL/1.0.2k-fips
X-Powered-By: Express
ETag: W/"55716-188006029ef"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 349974

GET 423.8d98c132.chunk.js
wickednwildesites.com/static/js/ 0
0

GET 48.09780b17.chunk.css
wickednwildesites.com/static/css/ 0
0

GET 48.8cc3349f.chunk.js
wickednwildesites.com/static/js/ 0
0

GET 984.f7e9a3e2.chunk.css
wickednwildesites.com/static/css/ 0
0

GET 984.574c5808.chunk.js
wickednwildesites.com/static/js/ 0
0

GET 889.26117823.chunk.js
wickednwildesites.com/static/js/ 0
0

GET 875.15902079.chunk.css
wickednwildesites.com/static/css/ 0
0

GET 875.0c1c82cc.chunk.js
wickednwildesites.com/static/js/ 0
0

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
31 KB 77ms
24ms Font
font/woff2 2a00:1450:4001:80f::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@200;600;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wickednwildesites.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 04 May 2023 14:39:37 GMT
x-content-type-options: nosniff
age: 439504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31052
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:27:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 May 2024 14:39:37 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wickednwildesites.com
URL: https://wickednwildesites.com/static/js/423.8d98c132.chunk.js

Domain: wickednwildesites.com
URL: https://wickednwildesites.com/static/css/48.09780b17.chunk.css

Domain: wickednwildesites.com
URL: https://wickednwildesites.com/static/js/48.8cc3349f.chunk.js

Domain: wickednwildesites.com
URL: https://wickednwildesites.com/static/css/984.f7e9a3e2.chunk.css

Domain: wickednwildesites.com
URL: https://wickednwildesites.com/static/js/984.574c5808.chunk.js

Domain: wickednwildesites.com
URL: https://wickednwildesites.com/static/js/889.26117823.chunk.js

Domain: wickednwildesites.com
URL: https://wickednwildesites.com/static/css/875.15902079.chunk.css

Domain: wickednwildesites.com
URL: https://wickednwildesites.com/static/js/875.0c1c82cc.chunk.js

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.wickednwildesites.com/	1970-01-20 21:16:50	Name: _ga_H952CPTKJ7 Value: GS1.1.1683650677.1.0.1683650677.0.0.0
			.wickednwildesites.com/	1970-01-20 21:16:50	Name: _ga Value: GA1.1.1588847484.1683650678

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tiny.cloud
fonts.googleapis.com
fonts.gstatic.com
preprod.shoutsuite.io
region1.google-analytics.com
sp.tinymce.com
wickednwildesites.com
www.googletagmanager.com
wickednwildesites.com
18.218.185.231
2001:4860:4802:32::36
2600:9000:2127:6c00:4:8ff3:780:93a1
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2003
65.9.66.96
08864a678bd10e7db7e80c395c7c16db242193a00c44878fa2a73fb48b0f3307
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
29ab6a537c1baec60896fa51b01970737a459d629e9f6a2b1bf97a1f3893b3d6
2cf1db2251c5e57f7cb77644e6b41514637176482a18e450e98dfc74a572c3f5
6ac9f122625df42ce4adc5068f29b1bbae5909b89ae38077a6f8ef41df09617e
75bac4ef5ef2db81c16b100e15c6e678f9434ac522345027d50d6d3c14cef6b2
a939643087135580491f7c0e68d61e5dcc158b010abceafd13eab220140f3f44
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f07251f14f1c9c8cdd311d7b4484cbd6e6ce5be6b5fdd947a48d6779346f33b1
f92a0b6bdc7f54226087d7b72c07c9e4ff065b00a7b70310016b8fe4b3b24582

wickednwildesites.com Open in urlscan Pro 18.218.185.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

57 %HTTPS

71 %IPv6

8 Domains

8 Subdomains

8 IPs

2 Countries

2799 kBTransfer

3243 kBSize

2 Cookies

0 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

2 Cookies

Indicators

wickednwildesites.com Open in urlscan Pro
18.218.185.231 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

57 %
HTTPS

71 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

2799 kB
Transfer

3243 kB
Size

2
Cookies

21 HTTP transactions
0 data transactions