wicked.bloodbonds.de Open in urlscan Pro
85.13.143.118 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wicked.bloodbonds.de/
Submission Tags: phishingrod
Submission: On January 12 via api (January 12th 2024, 6:26:23 am UTC) from DE — Scanned from DE

Summary HTTP 59 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 59 HTTP transactions. The main IP is 85.13.143.118, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is wicked.bloodbonds.de.
TLS certificate: Issued by R3 on November 8th 2023. Valid for: 3 months.

This is the only time wicked.bloodbonds.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	85.13.143.118 85.13.143.118	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
16	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	64.190.63.111 64.190.63.111	47846 (SEDO-AS) (SEDO-AS)
59	4

39 85.13.143.118 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd43638.kasserver.com

wicked.bloodbonds.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.190.63.111 (Germany)

ASN47846 (SEDO-AS, DE)

smokescreen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	bloodbonds.de wicked.bloodbonds.de	4 MB
16	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	7 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1761	79 KB
1	smokescreen.de smokescreen.de	50 B
59	4

	Domain	Requested by
39	wicked.bloodbonds.de	wicked.bloodbonds.de
16	fonts.googleapis.com	wicked.bloodbonds.de
3	maxcdn.bootstrapcdn.com	wicked.bloodbonds.de maxcdn.bootstrapcdn.com
1	smokescreen.de	wicked.bloodbonds.de
59	4

This site contains links to these domains. Also see Links.

Domain
www.mybb.de
www.mybb.com

Subject Issuer	Validity	Valid
wicked.bloodbonds.de R3	`2023-11-08` - `2024-02-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
smokescreen.de Encryption Everywhere DV TLS CA - G2	`2023-05-04` - `2024-05-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://wicked.bloodbonds.de/
Frame ID: 59307F48AF7E77D38E0237BCF6B3FB1E
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

« wicked ones »

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

4630 kB
Transfer

4884 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mybb.de/
Title: MyBB.de

Search URL Search Domain Scan URL

URL: http://www.mybb.com/
Title: MyBB

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wicked.bloodbonds.de/ 44 KB
8 KB 251ms
106ms Document
text/html 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: bc1036e0b2fbcdff2ba13e6c2a07e28b7041d374ef473f7989c93c60efa40548

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 06:26:18 GMT
server: Apache
vary: Accept-Encoding,User-Agent

GET
H2 200 jquery.js Show response
wicked.bloodbonds.de/jscripts/ 94 KB
32 KB 142ms
136ms Script
application/javascript 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/jscripts/jquery.js?ver=1806
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
last-modified: Tue, 02 Jul 2019 15:31:15 GMT
server: Apache
etag: "176d5-58cb46f7c1740-br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 32399

GET
H2 200 jquery.plugins.min.js Show response
wicked.bloodbonds.de/jscripts/ 22 KB
7 KB 137ms
132ms Script
application/javascript 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/jscripts/jquery.plugins.min.js?ver=1806
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: e54461020348c98411ebef9bf1c795ca4d7c42d8826fc3cfda40145913a3686a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
last-modified: Tue, 02 Jul 2019 15:31:16 GMT
server: Apache
etag: "5894-58cb46f7debff-br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 6705

GET
H2 200 general.js Show response
wicked.bloodbonds.de/jscripts/ 13 KB
3 KB 138ms
133ms Script
application/javascript 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/jscripts/general.js?ver=1806
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 924ab79f7df1eb3fd6a6f6cfc63426fe0b59e1b63c103c1569ef1c3866140131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
last-modified: Tue, 02 Jul 2019 15:31:15 GMT
server: Apache
etag: "3464-58cb46f7725a5-br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 3476

GET
H2 200 overlib.js Show response
wicked.bloodbonds.de/jscripts/ 48 KB
13 KB 195ms
189ms Script
application/javascript 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/jscripts/overlib.js
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: d3a2c96155ffc70710b22fb1f3d407657ede46e38a0a6721eff9f32e7e51bf90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
last-modified: Tue, 02 Jul 2019 15:31:16 GMT
server: Apache
etag: "c05c-58cb46f856dd8-br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 13579

GET
H2 200 css
fonts.googleapis.com/ 1 KB
528 B 144ms
56ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba8a2573fe8b9833ad134018ac10ce7ab18748c0ad4b1fe8484b098b847fe2b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 05:35:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 06:26:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 730 B
444 B 175ms
87ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Armata

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20a8bfd4f1834fe2a79d12e3f4ecda461aa970edff49aa4cb991f0013923e1f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 06:15:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 06:26:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 679 B
417 B 187ms
99ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Heebo

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

985949b8fad5482ff01b2b3027a1c5a0b63d52dfc9977f9dbe3d482c68a0767f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 06:26:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 06:26:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 730 B
447 B 174ms
86ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74d5dfb509b5cd822e2337d445ff84837025c3a9fd618678d1690758f692ecee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 06:01:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 06:26:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
663 B 142ms
54ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a980ee924c42eec124ecd82fd69bc5a54b201421c80540c4188a0e180ca01ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 05:36:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 06:26:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
561 B 164ms
77ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d02c1c9690c99d45f0dd028edf456c825a003e05f86c44259a6ec8aa46510286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 05:34:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 06:26:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 390 B
353 B 176ms
89ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Astloch

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e6e99b481ea9fcb4da3a102bc54811286eac000408480ae72a54d2eef9f0952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 06:26:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 06:26:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 755 B
433 B 142ms
55ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Pirata%20One

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00db4f1d9dd67891c167d0d9a0a8420c1553ae9b3d57cb070e5904959f198257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 06:26:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 06:26:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 737 B
426 B 175ms
88ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Imprima

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1bea0a49e472f5338ccb6cdb206ac821b95a1576046f1140e4f1bbfd0a44427f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 06:26:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 06:26:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
837 B 135ms
49ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karma

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac64be4317c27044f5ede681cd934fbfcc65a944b72eb018da32b9ea682e454e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 06:26:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 06:26:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 386 B
353 B 141ms
54ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Megrim

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c8f251e2dcb6d4934e7ff061055b82df4ba798b7339ab7f95926d41eaf32d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 06:26:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 06:26:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 392 B
359 B 143ms
57ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nova+Cut

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89eb9c5a89a34ad599b0eec8a057d5c4fc78889a1e4ac787002b3abb79969dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 06:26:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 06:26:18 GMT

GET
H2 400 css
fonts.googleapis.com/ 0
0 142ms
56ms Stylesheet
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css?family=Oleo-Script
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ 1 KB
497 B 186ms
100ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poiret+One

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdc41d74b69cba32720e0879c32c1be5cca7dad03c4713aa9a773c13d722518e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 05:58:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 06:26:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 383 B
372 B 184ms
99ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sofia

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb1966231accd46f5dab0b19c922d1bc1951bba648192329d17e66b3ed49827f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 06:24:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 06:26:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 760 B
438 B 184ms
98ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Text+Me+One

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fff8b41d367bf0f9f83a3ef0b3070ce3ae83e5801d1aed4999819c8c6296bc2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 06:26:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 06:26:18 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/ 28 KB
7 KB 143ms
54ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1053
age: 3627382
cdn-cachedat: 09/24/2023 10:03:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"89916fa773ce96569604016ef25cab50"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 03c32cd711050016a0af8b6c82d222fb
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 844353c3cbea9968-FRA
cdn-requestpullsuccess: True

GET
H2 200 css.php
wicked.bloodbonds.de/ 34 KB
7 KB 103ms
100ms Stylesheet
text/css 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/css.php?stylesheet=18
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: e3697e07e277d98a8c5fdc4684ed34897530c84e84f819a908866c8067c14f3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css

GET
H2 200 css.php
wicked.bloodbonds.de/ 0
29 B 105ms
102ms Stylesheet
text/css 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/css.php?stylesheet=19
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
server: Apache
content-length: 1
vary: Accept-Encoding,User-Agent
content-type: text/css

GET
H2 200 css.php
wicked.bloodbonds.de/ 2 KB
505 B 114ms
111ms Stylesheet
text/css 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/css.php?stylesheet=20
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 334f76547171d0cdee67dc2bdd4b22510781c53d3f50ebf285361688b78b11b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css

GET
H2 200 css.php
wicked.bloodbonds.de/ 3 KB
795 B 102ms
100ms Stylesheet
text/css 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/css.php?stylesheet=21
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: fb7af1b999a8e55120b9263d996f642526a71e12fadb43c7ae342a1fdf8b4dc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css

GET
H2 200 css.php
wicked.bloodbonds.de/ 474 B
220 B 192ms
190ms Stylesheet
text/css 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/css.php?stylesheet=26
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 6d87cbbda36e07bc16c93a183b767688d88cc6e63fde526dd42d8aa9d8fb9c48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css

GET
H2 200 css.php
wicked.bloodbonds.de/ 1 KB
479 B 135ms
133ms Stylesheet
text/css 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/css.php?stylesheet=27
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 14d3d824e0dba493f9d67ade57f346b613ae6348d5075ff5ee6e818bddcf04b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css

GET
H2 200 css.php
wicked.bloodbonds.de/ 2 KB
489 B 134ms
132ms Stylesheet
text/css 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/css.php?stylesheet=28
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: fac1ebc5539248bb83cd11185e02e9a1c9cb26dd23cea34391d75d915dd601a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css

GET
H2 200 css.php
wicked.bloodbonds.de/ 737 B
318 B 138ms
136ms Stylesheet
text/css 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/css.php?stylesheet=29
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 645918267bb0cd17458f4a2470d8eccb55407e657e45040f59f69e51a1b6afea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css

GET
H2 200 css.php
wicked.bloodbonds.de/ 2 KB
602 B 194ms
192ms Stylesheet
text/css 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/css.php?stylesheet=31
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: fc50596a391de0cb376fe2065abc6d2c2a61d2906e4c4cf6ffab37123581fdfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css

GET
H2 200 css.php
wicked.bloodbonds.de/ 10 KB
2 KB 194ms
193ms Stylesheet
text/css 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/css.php?stylesheet=32
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 0aa4971529a5f5ebbb567b6865a3a600310203f8601539ce9df1901542d722b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css

GET
H2 200 css.php
wicked.bloodbonds.de/ 4 KB
945 B 192ms
190ms Stylesheet
text/css 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/css.php?stylesheet=33
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: e78b4e3a66bca61baa2b651890ae039e1eae84bbe102a26d439faed16fd94a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css

GET
H2 200 css.php
wicked.bloodbonds.de/ 424 B
174 B 192ms
190ms Stylesheet
text/css 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/css.php?stylesheet=42
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: bff90710df199695af5962befb5092c5812c49b8bb948089c855469c3246a064

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css

GET
H2 200 myalerts.js Show response
wicked.bloodbonds.de/jscripts/ 3 KB
792 B 134ms
133ms Script
application/javascript 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/jscripts/myalerts.js
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: ddeb71931c7d4287c218d3fb0a6c038bf1588d320d6a670ab1b67ac758d5f973

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
last-modified: Tue, 02 Jul 2019 15:31:16 GMT
server: Apache
etag: "b02-58cb46f83e739-br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 740

GET
H2 200 weristwer.css
wicked.bloodbonds.de/jscripts/weristwer/ 430 B
244 B 133ms
132ms Stylesheet
text/css 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/jscripts/weristwer/weristwer.css
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 7ed8d545e4b2e0feb58abf460a444c621b57719852e4c9b7ada0bcbd16c0f957

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
last-modified: Tue, 02 Jul 2019 15:31:20 GMT
server: Apache
etag: "1ae-58cb46fbd36e4-br"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 170

GET
H2 200 ingamescenes.css
wicked.bloodbonds.de/jscripts/ingamescenes/ 585 B
298 B 133ms
132ms Stylesheet
text/css 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/jscripts/ingamescenes/ingamescenes.css
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 8f53f722fae087a0bb286f65e8d17245f3245a8ef29934c544e9d2d7098ee0fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
last-modified: Tue, 02 Jul 2019 15:31:17 GMT
server: Apache
etag: "249-58cb46f9a0f05-br"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 219

GET
H2 441 header2.png
smokescreen.de/ 0
50 B 195ms
41ms Image
text/plain 64.190.63.111
SEDO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smokescreen.de/header2.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.190.63.111 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: NginX /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-length: 0
server: NginX

GET
H2 200 collapse.png
wicked.bloodbonds.de/images/ 414 B
493 B 133ms
132ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/images/collapse.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 0278d855e802bd2fc44ba3279b471feb94749f1771284f0af0d2b0ba2fccac6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
last-modified: Tue, 02 Jul 2019 15:30:03 GMT
server: Apache
accept-ranges: bytes
etag: "19e-58cb46b29b8de"
content-length: 414
content-type: image/png

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
6 KB 48ms
48ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1047
age: 5286998
cdn-cachedat: 10/31/2023 18:58:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 636c547408716b12e0429001e52d27d0
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 844353c41c119968-FRA
cdn-requestpullsuccess: True

GET
H2 200 task.php
wicked.bloodbonds.de/ 43 B
164 B 122ms
122ms Image
image/gif 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/task.php
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 06:26:18 GMT
last-modified: Fri, 12 Jan 2024 06:26:18 GMT
server: Apache
vary: User-Agent
content-type: image/gif
cache-control: no-cache, must-revalidate
expires: Sat, 1 Jan 2000 01:00:00 GMT

GET
H2 200 as_script.min.js Show response
wicked.bloodbonds.de/jscripts/accountswitcher/ 5 KB
1 KB 56ms
56ms Script
application/javascript 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/jscripts/accountswitcher/as_script.min.js?v=2008
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: a7b2fc1cd872311a0843cd69527546ea92473a02879219b6cea65d29fa7672da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
content-encoding: br
last-modified: Tue, 02 Jul 2019 15:31:17 GMT
server: Apache
etag: "1519-58cb46f8faece-br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 1013

GET
H2 200 tileable_wood_texture.png
wicked.bloodbonds.de/images/ 167 KB
168 KB 56ms
56ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/images/tileable_wood_texture.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/css.php?stylesheet=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: e2371335611df2e733dbb21206c28b984a555bf9d830ae3668479b45d68d7865

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/css.php?stylesheet=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
last-modified: Tue, 02 Jul 2019 15:30:11 GMT
server: Apache
accept-ranges: bytes
etag: "29de4-58cb46b9cf474"
content-length: 171492
content-type: image/png

GET
H2 200 header3.png
wicked.bloodbonds.de/ 494 KB
494 KB 111ms
111ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/header3.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 40650cb193ede7cd8b6f3433128f6ffce918da7e4890654f6f11a722ec1f4af3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:18 GMT
last-modified: Tue, 02 Jul 2019 15:29:42 GMT
server: Apache
accept-ranges: bytes
etag: "7b62a-58cb469e468cb"
content-length: 505386
content-type: image/png

GET
H2 200 candles%20burning.png
wicked.bloodbonds.de/images/ 128 KB
129 KB 172ms
172ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/images/candles%20burning.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: e0622d10342b1f9b16a8d53ab5ae3815a1b41445b5030d48e583106d09cf82f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:19 GMT
last-modified: Tue, 02 Jul 2019 15:30:03 GMT
server: Apache
accept-ranges: bytes
etag: "201f4-58cb46b297a5e"
content-length: 131572
content-type: image/png

GET
H2 200 new_gro%C3%9F.png
wicked.bloodbonds.de/images/folder/ 21 KB
21 KB 217ms
217ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/images/folder/new_gro%C3%9F.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/css.php?stylesheet=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 85f84d82be4813192f15a139f11805219c447040786bc29580b672a4c0ffae78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/css.php?stylesheet=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:19 GMT
last-modified: Tue, 02 Jul 2019 15:30:20 GMT
server: Apache
accept-ranges: bytes
etag: "55a6-58cb46c344248"
content-length: 21926
content-type: image/png

GET
H2 200 header2.png
wicked.bloodbonds.de/ 461 KB
461 KB 217ms
217ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/header2.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/css.php?stylesheet=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: a3f620dbe9fabe2c136707ff15bc3936ac5ddd0415239be23308e379e580e451

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/css.php?stylesheet=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:19 GMT
last-modified: Tue, 02 Jul 2019 15:29:41 GMT
server: Apache
accept-ranges: bytes
etag: "73353-58cb469d82436"
content-length: 471891
content-type: image/png

GET
H2 200 hintergrunde.png
wicked.bloodbonds.de/images/ 961 KB
962 KB 217ms
217ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/images/hintergrunde.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/css.php?stylesheet=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 9ad72bd047e42023e5296cf104d20393598a3292a1a1eac91d083fa1fc929eeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/css.php?stylesheet=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:19 GMT
last-modified: Tue, 02 Jul 2019 15:30:06 GMT
server: Apache
accept-ranges: bytes
etag: "f04fa-58cb46b550e76"
content-length: 984314
content-type: image/png

GET
H2 200 bg-areas.png
wicked.bloodbonds.de/images/ 533 KB
534 KB 278ms
278ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/images/bg-areas.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 7cd26c971a0db9e2c43c2ee5224cb45b5405fd9c6b5c54768b6c53185ddec55f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:19 GMT
last-modified: Tue, 02 Jul 2019 15:30:02 GMT
server: Apache
accept-ranges: bytes
etag: "855f6-58cb46b1efae8"
content-length: 546294
content-type: image/png

GET
H2 200 i%20knew%20you.png
wicked.bloodbonds.de/images/ 128 KB
129 KB 285ms
284ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/images/i%20knew%20you.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: f9b0f5a44e5e6500d2de838e43a387dcd3cf75bd24573513dc3f7e98192c02bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:19 GMT
last-modified: Tue, 02 Jul 2019 15:30:06 GMT
server: Apache
accept-ranges: bytes
etag: "201d1-58cb46b5a2ef1"
content-length: 131537
content-type: image/png

GET
H2 200 through%20the%20wood.png
wicked.bloodbonds.de/images/ 132 KB
132 KB 286ms
286ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/images/through%20the%20wood.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: cccde9f318e336c6cf7296ff6cf9d0e7f31f32e31ac320d246b86d289638eedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:19 GMT
last-modified: Tue, 02 Jul 2019 15:30:10 GMT
server: Apache
accept-ranges: bytes
etag: "20e26-58cb46b992bb7"
content-length: 134694
content-type: image/png

GET
H2 200 old_gro%C3%9F.png
wicked.bloodbonds.de/images/folder/ 20 KB
20 KB 286ms
286ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/images/folder/old_gro%C3%9F.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/css.php?stylesheet=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 544046221dcad6ca28c9c21b3d9fc382794682dfae458f9de88b95076f40677f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/css.php?stylesheet=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:19 GMT
last-modified: Tue, 02 Jul 2019 15:30:21 GMT
server: Apache
accept-ranges: bytes
etag: "4e8b-58cb46c35c8e7"
content-length: 20107
content-type: image/png

GET
H2 200 follow%20my%20lead.png
wicked.bloodbonds.de/images/ 133 KB
133 KB 287ms
287ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/images/follow%20my%20lead.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: e4d4a9a0957d54d17130554fbac1f2c65f602149ecdc75c0365537af948a918a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:19 GMT
last-modified: Tue, 02 Jul 2019 15:30:04 GMT
server: Apache
accept-ranges: bytes
etag: "2129b-58cb46b331f16"
content-length: 135835
content-type: image/png

GET
H2 200 bg-areas2.png
wicked.bloodbonds.de/images/ 282 KB
282 KB 286ms
286ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/images/bg-areas2.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 5ab3d0064b44408bfd83ff346c5bc9f93a091f3e3400f210d8599d092b06389e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:19 GMT
last-modified: Tue, 02 Jul 2019 15:30:03 GMT
server: Apache
accept-ranges: bytes
etag: "4663a-58cb46b236f84"
content-length: 288314
content-type: image/png

GET
H2 200 hintergrundd.png
wicked.bloodbonds.de/images/ 961 KB
962 KB 286ms
286ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/images/hintergrundd.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: faee03d390dcb542af569a08e157131a509ebd17c948624ebdd7c6ae5ffd025c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:19 GMT
last-modified: Tue, 02 Jul 2019 15:30:05 GMT
server: Apache
accept-ranges: bytes
etag: "f0598-58cb46b479163"
content-length: 984472
content-type: image/png

GET
H2 200 buttons_bg.png
wicked.bloodbonds.de/images/ 126 B
172 B 285ms
285ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/images/buttons_bg.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/css.php?stylesheet=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: a76fa788a71024a393354eb6fa046d39476bd3aecf1788ae5e1b589961e08a1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/css.php?stylesheet=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:19 GMT
last-modified: Tue, 02 Jul 2019 15:30:03 GMT
server: Apache
accept-ranges: bytes
etag: "7e-58cb46b265d81"
content-length: 126
content-type: image/png

GET
H2 200 closed_gro%C3%9F.png
wicked.bloodbonds.de/images/folder/ 21 KB
21 KB 285ms
285ms Image
image/png 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.bloodbonds.de/images/folder/closed_gro%C3%9F.png
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/css.php?stylesheet=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 769cdcecf0d17169d2131621421d256dd5308e7d52ce9ca80728bb3055d66355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.bloodbonds.de/css.php?stylesheet=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:19 GMT
last-modified: Tue, 02 Jul 2019 15:30:20 GMT
server: Apache
accept-ranges: bytes
etag: "53f0-58cb46c2a3031"
content-length: 21488
content-type: image/png

GET
H2 200 Ginebra_Bolds.woff
wicked.bloodbonds.de/ 19 KB
19 KB 283ms
283ms Font
font/woff 85.13.143.118
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.bloodbonds.de/Ginebra_Bolds.woff
Requested by: Host: wicked.bloodbonds.de
URL: https://wicked.bloodbonds.de/css.php?stylesheet=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.143.118 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd43638.kasserver.com
Software: Apache /
Resource Hash: 1deb5885a91ddb51e431cb44276135ebc84d83620f63f7b221ee0829e7cd1627

Request headers

Referer: https://wicked.bloodbonds.de/css.php?stylesheet=18
Origin: https://wicked.bloodbonds.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:19 GMT
last-modified: Tue, 02 Jul 2019 15:29:40 GMT
server: Apache
accept-ranges: bytes
etag: "4bec-58cb469ca0ae3"
content-length: 19436
content-type: font/woff

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
66 KB 139ms
58ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin: https://wicked.bloodbonds.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 06:26:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 723
cdn-cachedat: 10/31/2023 18:48:08
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 66624
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1082458cf506ba85f155d2e104f76dcb
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 844353c51c921987-FRA
cdn-requestpullsuccess: True

Verdicts & Comments Add Verdict or Comment

321 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wicked.bloodbonds.de/	1970-01-21 02:22:56	Name: mybb[lastvisit] Value: 1705040778
.wicked.bloodbonds.de/	1970-01-21 02:22:56	Name: mybb[lastactive] Value: 1705040778
.wicked.bloodbonds.de/	1969-12-31 23:59:59	Name: sid Value: b91558b3aec9d243ad56da16f4b9922f

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://wicked.bloodbonds.de/ Message: Mixed Content: The page at 'https://wicked.bloodbonds.de/' was loaded over HTTPS, but requested an insecure element 'http://smokescreen.de/header2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://fonts.googleapis.com/css?family=Oleo-Script Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://smokescreen.de/header2.png Message: Failed to load resource: the server responded with a status of 441 ()
security	warning	URL: https://wicked.bloodbonds.de/(Line 158) Message: Mixed Content: The page at 'https://wicked.bloodbonds.de/' was loaded over HTTPS, but requested an insecure element 'http://smokescreen.de/header2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
maxcdn.bootstrapcdn.com
smokescreen.de
wicked.bloodbonds.de
2606:4700::6812:acf
2a00:1450:4001:831::200a
64.190.63.111
85.13.143.118
00db4f1d9dd67891c167d0d9a0a8420c1553ae9b3d57cb070e5904959f198257
0278d855e802bd2fc44ba3279b471feb94749f1771284f0af0d2b0ba2fccac6c
0aa4971529a5f5ebbb567b6865a3a600310203f8601539ce9df1901542d722b4
14d3d824e0dba493f9d67ade57f346b613ae6348d5075ff5ee6e818bddcf04b9
1bea0a49e472f5338ccb6cdb206ac821b95a1576046f1140e4f1bbfd0a44427f
1deb5885a91ddb51e431cb44276135ebc84d83620f63f7b221ee0829e7cd1627
20a8bfd4f1834fe2a79d12e3f4ecda461aa970edff49aa4cb991f0013923e1f2
334f76547171d0cdee67dc2bdd4b22510781c53d3f50ebf285361688b78b11b1
40650cb193ede7cd8b6f3433128f6ffce918da7e4890654f6f11a722ec1f4af3
544046221dcad6ca28c9c21b3d9fc382794682dfae458f9de88b95076f40677f
5ab3d0064b44408bfd83ff346c5bc9f93a091f3e3400f210d8599d092b06389e
5c8f251e2dcb6d4934e7ff061055b82df4ba798b7339ab7f95926d41eaf32d4a
645918267bb0cd17458f4a2470d8eccb55407e657e45040f59f69e51a1b6afea
6d87cbbda36e07bc16c93a183b767688d88cc6e63fde526dd42d8aa9d8fb9c48
6e6e99b481ea9fcb4da3a102bc54811286eac000408480ae72a54d2eef9f0952
74d5dfb509b5cd822e2337d445ff84837025c3a9fd618678d1690758f692ecee
769cdcecf0d17169d2131621421d256dd5308e7d52ce9ca80728bb3055d66355
7cd26c971a0db9e2c43c2ee5224cb45b5405fd9c6b5c54768b6c53185ddec55f
7ed8d545e4b2e0feb58abf460a444c621b57719852e4c9b7ada0bcbd16c0f957
85f84d82be4813192f15a139f11805219c447040786bc29580b672a4c0ffae78
8f53f722fae087a0bb286f65e8d17245f3245a8ef29934c544e9d2d7098ee0fe
924ab79f7df1eb3fd6a6f6cfc63426fe0b59e1b63c103c1569ef1c3866140131
985949b8fad5482ff01b2b3027a1c5a0b63d52dfc9977f9dbe3d482c68a0767f
9ad72bd047e42023e5296cf104d20393598a3292a1a1eac91d083fa1fc929eeb
a3f620dbe9fabe2c136707ff15bc3936ac5ddd0415239be23308e379e580e451
a76fa788a71024a393354eb6fa046d39476bd3aecf1788ae5e1b589961e08a1a
a7b2fc1cd872311a0843cd69527546ea92473a02879219b6cea65d29fa7672da
a980ee924c42eec124ecd82fd69bc5a54b201421c80540c4188a0e180ca01ac0
ac64be4317c27044f5ede681cd934fbfcc65a944b72eb018da32b9ea682e454e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
ba8a2573fe8b9833ad134018ac10ce7ab18748c0ad4b1fe8484b098b847fe2b9
bc1036e0b2fbcdff2ba13e6c2a07e28b7041d374ef473f7989c93c60efa40548
bdc41d74b69cba32720e0879c32c1be5cca7dad03c4713aa9a773c13d722518e
bff90710df199695af5962befb5092c5812c49b8bb948089c855469c3246a064
cccde9f318e336c6cf7296ff6cf9d0e7f31f32e31ac320d246b86d289638eedc
d02c1c9690c99d45f0dd028edf456c825a003e05f86c44259a6ec8aa46510286
d3a2c96155ffc70710b22fb1f3d407657ede46e38a0a6721eff9f32e7e51bf90
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
ddeb71931c7d4287c218d3fb0a6c038bf1588d320d6a670ab1b67ac758d5f973
e0622d10342b1f9b16a8d53ab5ae3815a1b41445b5030d48e583106d09cf82f4
e2371335611df2e733dbb21206c28b984a555bf9d830ae3668479b45d68d7865
e3697e07e277d98a8c5fdc4684ed34897530c84e84f819a908866c8067c14f3d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d4a9a0957d54d17130554fbac1f2c65f602149ecdc75c0365537af948a918a
e54461020348c98411ebef9bf1c795ca4d7c42d8826fc3cfda40145913a3686a
e78b4e3a66bca61baa2b651890ae039e1eae84bbe102a26d439faed16fd94a2e
e89eb9c5a89a34ad599b0eec8a057d5c4fc78889a1e4ac787002b3abb79969dc
eb1966231accd46f5dab0b19c922d1bc1951bba648192329d17e66b3ed49827f
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f9b0f5a44e5e6500d2de838e43a387dcd3cf75bd24573513dc3f7e98192c02bc
fac1ebc5539248bb83cd11185e02e9a1c9cb26dd23cea34391d75d915dd601a3
faee03d390dcb542af569a08e157131a509ebd17c948624ebdd7c6ae5ffd025c
fb7af1b999a8e55120b9263d996f642526a71e12fadb43c7ae342a1fdf8b4dc0
fc50596a391de0cb376fe2065abc6d2c2a61d2906e4c4cf6ffab37123581fdfe
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
fff8b41d367bf0f9f83a3ef0b3070ce3ae83e5801d1aed4999819c8c6296bc2e

wicked.bloodbonds.de Open in urlscan Pro 85.13.143.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

4630 kBTransfer

4884 kBSize

3 Cookies

2 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wicked.bloodbonds.de Open in urlscan Pro
85.13.143.118 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

4630 kB
Transfer

4884 kB
Size

3
Cookies

59 HTTP transactions
0 data transactions