URL: https://wicked-game.com/
Submission Tags: phishingrod
Submission: On July 13 via api from DE — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 55 HTTP transactions. The main IP is 198.71.233.140, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is wicked-game.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 13th 2023. Valid for: a year.
This is the only time wicked-game.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
41 198.71.233.140 26496 (AS-26496-...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
5 54.215.146.5 16509 (AMAZON-02)
4 3.161.127.137 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 34.120.195.249 396982 (GOOGLE-CL...)
55 7
Apex Domain
Subdomains
Transfer
41 wicked-game.com
wicked-game.com
924 KB
5 fareharbor.com
fareharbor.com — Cisco Umbrella Rank: 24207
171 KB
4 cloudfront.net
dp58aslhmbcib.cloudfront.net
634 KB
3 sentry.io
o10963.ingest.sentry.io — Cisco Umbrella Rank: 35820
434 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
71 KB
1 fh-kit.com
fh-kit.com — Cisco Umbrella Rank: 85294
21 KB
55 6
Domain Requested by
41 wicked-game.com wicked-game.com
5 fareharbor.com wicked-game.com
fareharbor.com
dp58aslhmbcib.cloudfront.net
4 dp58aslhmbcib.cloudfront.net fareharbor.com
3 o10963.ingest.sentry.io dp58aslhmbcib.cloudfront.net
1 www.googletagmanager.com fareharbor.com
1 fh-kit.com wicked-game.com
55 6

This site contains links to these domains. Also see Links.

Domain
fareharbor.com
www.themeseye.com
Subject Issuer Validity Valid
wicked-game.com
Go Daddy Secure Certificate Authority - G2
2023-07-13 -
2024-07-13
a year crt.sh
fh-kit.com
E1
2023-06-14 -
2023-09-12
3 months crt.sh
fareharbor.com
Amazon RSA 2048 M01
2023-06-28 -
2024-07-26
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
ingest.sentry.io
DigiCert TLS RSA SHA256 2020 CA1
2022-07-28 -
2023-08-28
a year crt.sh

This page contains 2 frames:

Primary Page: https://wicked-game.com/
Frame ID: AC91649B0FB3196AC95E87E2984FE47A
Requests: 44 HTTP requests in this frame

Frame: https://fareharbor.com/embeds/cart/?u=017e91b2-9e74-4d20-a3a1-88c391ef1199&from-ssl=yes&g4=no&a=no&back=https://wicked-game.com/
Frame ID: 8BF342A31DC174D00E0B7EDA16789C31
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

Wicked Game Charters

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • fareharbor\.com/embeds/api/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js


Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[\'"][^']+revslider[/\w-]+\.css\?ver=([0-9.]+)[\'"]
  • /revslider/[/\w-]+/js

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

55
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

1821 kB
Transfer

7679 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wicked-game.com/
55 KB
12 KB
Document
General
Full URL
https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
560dcf5c6c4c2fd7353a7525617215c53a51942ccfd3fc1ad484f45c311bd6b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
80700
content-encoding
gzip
content-length
11856
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 13 Jul 2023 13:55:48 GMT
server
openresty
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
vary
Accept-Encoding, User-Agent
x-backend
local
x-cache
cached
x-cache-hit
HIT
x-cacheable
YES:Forced
x-cacheproxy-retries
0/2
x-content-type-options
nosniff
x-fawn-proc-count
1,0,24
x-php-version
8.1
x-pingback
https://wicked-game.com/xmlrpc.php
x-xss-protection
1; mode=block
wp-emoji-release.min.js
wicked-game.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://wicked-game.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93584
x-cache
cached
x-cacheproxy-retries
0/2
content-length
5039
x-xss-protection
1; mode=block
last-modified
Mon, 03 Jul 2023 08:22:50 GMT
server
openresty
x-php-version
8.1
etag
"4904-5ff90df55e65c-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
style.min.css
wicked-game.com/wp-includes/css/dist/block-library/
95 KB
13 KB
Stylesheet
General
Full URL
https://wicked-game.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
12736
x-xss-protection
1; mode=block
last-modified
Mon, 03 Jul 2023 08:22:50 GMT
server
openresty
x-php-version
8.1
etag
"17ced-5ff90df4e685d-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
style-coblocks-1.css
wicked-game.com/wp-content/plugins/coblocks/dist/
265 KB
38 KB
Stylesheet
General
Full URL
https://wicked-game.com/wp-content/plugins/coblocks/dist/style-coblocks-1.css?ver=3.0.4
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
9bc0966f793217465b16db209de07f945210caa979834ecafd0d42bccba60a4d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
38525
x-xss-protection
1; mode=block
last-modified
Thu, 22 Jun 2023 22:59:49 GMT
server
openresty
x-php-version
8.1
etag
"423fb-5febfd7698ecd-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
style-coblocks-extensions.css
wicked-game.com/wp-content/plugins/coblocks/dist/
2 KB
786 B
Stylesheet
General
Full URL
https://wicked-game.com/wp-content/plugins/coblocks/dist/style-coblocks-extensions.css?ver=3.0.4
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
9c197c685d1cfde9e68e198bd0c023f58202efd10e5991a58aeacb01db67f844
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
342
x-xss-protection
1; mode=block
last-modified
Thu, 22 Jun 2023 22:59:49 GMT
server
openresty
x-php-version
8.1
etag
"695-5febfd769969d-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
classic-themes.min.css
wicked-game.com/wp-includes/css/
291 B
659 B
Stylesheet
General
Full URL
https://wicked-game.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
210
x-xss-protection
1; mode=block
last-modified
Mon, 03 Jul 2023 08:22:50 GMT
server
openresty
x-php-version
8.1
etag
"123-5ff90df4e4d05;5c23ade4ed44e
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
rs6.css
wicked-game.com/wp-content/plugins/revslider/public/assets/css/
59 KB
13 KB
Stylesheet
General
Full URL
https://wicked-game.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.23
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
b86f3cdcccad303cb5300fab4d2774eafc3a2788f07ff1f3cd1953dd0debaa3f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
12635
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 02:44:04 GMT
server
openresty
x-php-version
8.1
etag
"ea95-5c825f5aaaabb-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
style.min.css
wicked-game.com/wp-includes/css/dist/components/
81 KB
12 KB
Stylesheet
General
Full URL
https://wicked-game.com/wp-includes/css/dist/components/style.min.css?ver=6.2.2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
072799c158a63f494abfbb8c4a0a7f1322029d531192c34092b88ddfdf693b2d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
11771
x-xss-protection
1; mode=block
last-modified
Mon, 03 Jul 2023 08:22:50 GMT
server
openresty
x-php-version
8.1
etag
"14573-5ff90df4e8b85-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
latest.css
wicked-game.com/wp-content/plugins/coblocks/includes/Dependencies/GoDaddy/Styles/build/
13 KB
2 KB
Stylesheet
General
Full URL
https://wicked-game.com/wp-content/plugins/coblocks/includes/Dependencies/GoDaddy/Styles/build/latest.css?ver=2.0.2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
1474
x-xss-protection
1; mode=block
last-modified
Thu, 22 Jun 2023 22:59:49 GMT
server
openresty
x-php-version
8.1
etag
"3256-5febfd769e0d5-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
7e3359fad379ad0a2b5652c7211756cd.css
wicked-game.com/wp-content/fonts/
895 KB
54 KB
Stylesheet
General
Full URL
https://wicked-game.com/wp-content/fonts/7e3359fad379ad0a2b5652c7211756cd.css
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
d7b18caf3b7b5aeef33bb6d55782c1ec667d0d878c7c6040e4868932105a6a9e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
54776
x-xss-protection
1; mode=block
last-modified
Thu, 16 Mar 2023 18:56:52 GMT
server
openresty
x-php-version
8.1
etag
"dfc95-5f709061240d3-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
blocks.css
wicked-game.com/wp-content/themes/tafri-travel/assets/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://wicked-game.com/wp-content/themes/tafri-travel/assets/css/blocks.css?ver=6.2.2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
49540cd58475ab5d0b972dd46396ecde710c2921f6f820a0b490a18f8ead7a7c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
2186
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jun 2023 13:42:26 GMT
server
openresty
x-php-version
8.1
etag
"2542-5fd119b5a8701-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
bootstrap.css
wicked-game.com/wp-content/themes/tafri-travel/assets/css/
193 KB
25 KB
Stylesheet
General
Full URL
https://wicked-game.com/wp-content/themes/tafri-travel/assets/css/bootstrap.css?ver=6.2.2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
08f7ede017d0ee9c145f01965819e1ae4233afdf2f474285f2e8ace8175dfdc0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
24683
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jun 2023 13:42:26 GMT
server
openresty
x-php-version
8.1
etag
"30235-5fd119b5a8ed1-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
style.css
wicked-game.com/wp-content/themes/tafri-travel/
42 KB
10 KB
Stylesheet
General
Full URL
https://wicked-game.com/wp-content/themes/tafri-travel/style.css?ver=6.2.2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
92c3b2ee476ea75e57aab9eb49c099a5d746691eb596ffdf30084dca4658ec95
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
9637
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jun 2023 13:42:26 GMT
server
openresty
x-php-version
8.1
etag
"a6d9-5fd119b5be2aa-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
custom.css
wicked-game.com/wp-content/themes/tafri-travel/assets/css/
1 KB
935 B
Stylesheet
General
Full URL
https://wicked-game.com/wp-content/themes/tafri-travel/assets/css/custom.css?ver=6.2.2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
fe366990cdfd51c68a4976c4bab83f46ba3063f8df840ba8fd4ec030bf071119
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
491
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jun 2023 13:42:26 GMT
server
openresty
x-php-version
8.1
etag
"52d-5fd119b5a8ed1-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
fontawesome-all.css
wicked-game.com/wp-content/themes/tafri-travel/assets/css/
42 KB
8 KB
Stylesheet
General
Full URL
https://wicked-game.com/wp-content/themes/tafri-travel/assets/css/fontawesome-all.css?ver=6.2.2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
2e9d79f6358d4ea892e1a18387f7479a030f7afe6c0b4f29fb0f563b7a60f718
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
7991
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jun 2023 13:42:26 GMT
server
openresty
x-php-version
8.1
etag
"a8dd-5fd119b5a9a89-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
/
fh-kit.com/buttons/v2/
225 KB
21 KB
Stylesheet
General
Full URL
https://fh-kit.com/buttons/v2/?aqua=0dddc2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:98cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7fc1fbcee236ab01c862a77457b5988e32950a0f191faeac71191a2e4290e72
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 12 Jul 2023 11:56:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"a7fc1fbcee236ab01c862a77457b5988e32950a0f191faeac71191a2e4290e72"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
x-scss-cache
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoPEBr8k4bIT8NJYcgDpboc5vEWVrGV6%2FSs8jhKu6NudltUzPfji0REgVg0xkqacyB3Tr6y8NfE0vrmihS7ydHtqLs9GDhEUWaBGS2DeVsD4cRlUbhBezoMYDtfRTgQQqCgaF1JgC81i"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
7e62069448ba35e0-FRA
alt-svc
h3=":443"; ma=86400
js_composer.min.css
wicked-game.com/wp-content/plugins/js_composer/assets/css/
474 KB
45 KB
Stylesheet
General
Full URL
https://wicked-game.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.1
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
f1dbbc4be8d88ae17466b1d7a8fd7bf4f9d9b5ab492719cdea721d82cecb738d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
45790
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 02:44:47 GMT
server
openresty
x-php-version
8.1
etag
"76828-5c825f8391e4b-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
Defaults.css
wicked-game.com/wp-content/uploads/smile_fonts/Defaults/
27 KB
5 KB
Stylesheet
General
Full URL
https://wicked-game.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=3.19.6
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
4755
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 02:55:02 GMT
server
openresty
x-php-version
8.1
etag
"6bf7-5c8261ce861c3-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
jquery.min.js
wicked-game.com/wp-includes/js/jquery/
88 KB
31 KB
Script
General
Full URL
https://wicked-game.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
31049
x-xss-protection
1; mode=block
last-modified
Mon, 03 Jul 2023 08:22:50 GMT
server
openresty
x-php-version
8.1
etag
"15ed7-5ff90df55136b-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
jquery-migrate.min.js
wicked-game.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://wicked-game.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
4795
x-xss-protection
1; mode=block
last-modified
Mon, 03 Jul 2023 08:22:50 GMT
server
openresty
x-php-version
8.1
etag
"3470-5ff90df5503cb-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
rbtools.min.js
wicked-game.com/wp-content/plugins/revslider/public/assets/js/
117 KB
45 KB
Script
General
Full URL
https://wicked-game.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.23
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
9556bca5ad5eb24439887d7339fcb687088776bbaa995553aa489c9607cf9e19
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
45119
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 02:44:04 GMT
server
openresty
x-php-version
8.1
etag
"1d25a-5c825f5aa51f6-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
rs6.min.js
wicked-game.com/wp-content/plugins/revslider/public/assets/js/
319 KB
82 KB
Script
General
Full URL
https://wicked-game.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.23
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
60f59e08903c3d0b70e928af542ded081c10a790b6c198c7026788b77f4256ac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
83527
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 02:44:04 GMT
server
openresty
x-php-version
8.1
etag
"4fd58-5c825f5aa69c9-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
custom.js
wicked-game.com/wp-content/themes/tafri-travel/assets/js/
2 KB
1 KB
Script
General
Full URL
https://wicked-game.com/wp-content/themes/tafri-travel/assets/js/custom.js?ver=6.2.2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
95fd5b987e824f233e7a8165ae9ae222923c425c3e121737c6a3ddb12111c1fb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
887
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jun 2023 13:42:26 GMT
server
openresty
x-php-version
8.1
etag
"9ee-5fd119b5ab5e1-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
bootstrap.js
wicked-game.com/wp-content/themes/tafri-travel/assets/js/
138 KB
27 KB
Script
General
Full URL
https://wicked-game.com/wp-content/themes/tafri-travel/assets/js/bootstrap.js?ver=6.2.2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
9015e9cd299c0e607018a64bbed8a1ce177d0dc3effec354ebbbbfe3b6e2e28b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
27106
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jun 2023 13:42:26 GMT
server
openresty
x-php-version
8.1
etag
"228fc-5fd119b5ab1f9-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
/
fareharbor.com/embeds/api/v1/
34 KB
11 KB
Script
General
Full URL
https://fareharbor.com/embeds/api/v1/?autolightframe=yes
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.215.146.5 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-146-5.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
110856e2afb260af4aa68da01b63f398665fdc2e56419f14d2d01265155ba596
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-fh-loadbalancer
production-appservers_docker-a-7
x-amzn-trace-id
Root=1-64b00264-1cf963e42fff88c63e5548e3
content-security-policy-report-only
form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://ssl.google-analytics.com https://www.google-analytics.com dp58aslhmbcib.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com https://www.gstatic.com dp58aslhmbcib.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dp58aslhmbcib.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
vary
Accept-Encoding, Cookie
content-language
de-de
p3p
CP="This is not a P3P policy."
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
x-xss-protection
1; mode=block
expires
0
prettyPhoto.min.css
wicked-game.com/wp-content/plugins/js_composer/assets/lib/prettyphoto/css/
21 KB
3 KB
Stylesheet
General
Full URL
https://wicked-game.com/wp-content/plugins/js_composer/assets/lib/prettyphoto/css/prettyPhoto.min.css?ver=6.4.1
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
b99c4a34042b7bca706d57bb324b3e22985e479f18099283829a50a6121e9491
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
2797
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 02:44:44 GMT
server
openresty
x-php-version
8.1
etag
"524a-5c825f811b79e-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
owl.min.css
wicked-game.com/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/assets/
5 KB
2 KB
Stylesheet
General
Full URL
https://wicked-game.com/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/assets/owl.min.css?ver=6.4.1
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
a47ff037b0a646f620f8cd07d37740485317af5d6f6732dcf85c8ee124c21d07
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
1158
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 02:44:45 GMT
server
openresty
x-php-version
8.1
etag
"15a6-5c825f8150c9d-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
animate.min.css
wicked-game.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/
51 KB
4 KB
Stylesheet
General
Full URL
https://wicked-game.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.4.1
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
1c3fbf3f4938451bc3b7781f832b7da84c23eec5b979ac7541ec754e67e3b6d2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
3653
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 02:44:44 GMT
server
openresty
x-php-version
8.1
etag
"caa8-5c825f80ee322-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
accept-ranges
bytes
coblocks-animation.js
wicked-game.com/wp-content/plugins/coblocks/dist/js/
407 B
696 B
Script
General
Full URL
https://wicked-game.com/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=3.0.4
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
2f167ae1780938fa19464993733924d0d078d5f5ce7955a596a55c210cb36cc8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
242
x-xss-protection
1; mode=block
last-modified
Thu, 22 Jun 2023 22:59:49 GMT
server
openresty
x-php-version
8.1
etag
"197-5febfd7695435-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
coblocks-tinyswiper-initializer.js
wicked-game.com/wp-content/plugins/coblocks/dist/js/
14 KB
6 KB
Script
General
Full URL
https://wicked-game.com/wp-content/plugins/coblocks/dist/js/coblocks-tinyswiper-initializer.js?ver=3.0.4
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
3f7af01f4d8414f9dfe9e2dc0f693ad62b3081e7a345aee612114e4c4aebcd2e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
5378
x-xss-protection
1; mode=block
last-modified
Thu, 22 Jun 2023 22:59:49 GMT
server
openresty
x-php-version
8.1
etag
"3858-5febfd769775d-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
jquery.superfish.js
wicked-game.com/wp-content/themes/tafri-travel/assets/js/
7 KB
3 KB
Script
General
Full URL
https://wicked-game.com/wp-content/themes/tafri-travel/assets/js/jquery.superfish.js?ver=6.2.2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
996862df1686747b978037477df2c3ec70effb20a7c5fbd9b4db095772d78b2c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
2374
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jun 2023 13:42:26 GMT
server
openresty
x-php-version
8.1
etag
"1cff-5fd119b5abdb1-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
js_composer_front.min.js
wicked-game.com/wp-content/plugins/js_composer/assets/js/dist/
20 KB
6 KB
Script
General
Full URL
https://wicked-game.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.1
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
527beb6c2c7fb7390156ab5c7e269b74994831e1cae8a54bec16e6165b908fc4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
5834
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 02:44:46 GMT
server
openresty
x-php-version
8.1
etag
"50d9-5c825f8296af5-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
jquery.prettyPhoto.min.js
wicked-game.com/wp-content/plugins/js_composer/assets/lib/prettyphoto/js/
23 KB
7 KB
Script
General
Full URL
https://wicked-game.com/wp-content/plugins/js_composer/assets/lib/prettyphoto/js/jquery.prettyPhoto.min.js?ver=6.4.1
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
798d62ba5e0d79c78e9ec2ca02c704a640bd8fb0294a5c7e2ee1a4df10311306
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
6221
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 02:44:44 GMT
server
openresty
x-php-version
8.1
etag
"5db3-5c825f8118868-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
masonry.pkgd.min.js
wicked-game.com/wp-content/plugins/js_composer/assets/lib/bower/masonry/dist/
24 KB
8 KB
Script
General
Full URL
https://wicked-game.com/wp-content/plugins/js_composer/assets/lib/bower/masonry/dist/masonry.pkgd.min.js?ver=6.4.1
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
8b0b5cb1e9269744db32828efb250e6266fc7c34b5d06cc90aecbe17a39f26d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
7486
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 02:44:44 GMT
server
openresty
x-php-version
8.1
etag
"5eed-5c825f807986c-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
owl.carousel.min.js
wicked-game.com/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/
41 KB
11 KB
Script
General
Full URL
https://wicked-game.com/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/owl.carousel.min.js?ver=6.4.1
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
689c9ac02b0a03fd9a206833df33ec989dd5ed79eab24a1802fb281bb9accc26
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
10634
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 02:44:45 GMT
server
openresty
x-php-version
8.1
etag
"a401-5c825f815408a-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
imagesloaded.pkgd.min.js
wicked-game.com/wp-content/plugins/js_composer/assets/lib/bower/imagesloaded/
7 KB
3 KB
Script
General
Full URL
https://wicked-game.com/wp-content/plugins/js_composer/assets/lib/bower/imagesloaded/imagesloaded.pkgd.min.js?ver=6.4.1
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
26884bf155386d37907ad46bedf05580de5df62c414bfc18a52ddf26776b0674
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
2488
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 02:44:44 GMT
server
openresty
x-php-version
8.1
etag
"1c00-5c825f8056327-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
underscore.min.js
wicked-game.com/wp-includes/js/
18 KB
8 KB
Script
General
Full URL
https://wicked-game.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
7311
x-xss-protection
1; mode=block
last-modified
Mon, 03 Jul 2023 08:22:50 GMT
server
openresty
x-php-version
8.1
etag
"4991-5ff90df520df8-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
vc-waypoints.min.js
wicked-game.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/
9 KB
3 KB
Script
General
Full URL
https://wicked-game.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.4.1
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
357ad057de8ffc0fc9df301dd1873c3d482e926791195ee262da3886269f84d8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
2813
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 02:44:45 GMT
server
openresty
x-php-version
8.1
etag
"2415-5c825f815d2a5-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
vc_grid.min.js
wicked-game.com/wp-content/plugins/js_composer/assets/js/dist/
26 KB
5 KB
Script
General
Full URL
https://wicked-game.com/wp-content/plugins/js_composer/assets/js/dist/vc_grid.min.js?ver=6.4.1
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
401fe8cea729abfb39bb24649e81acf9e178f91f5d6436793bc92376e2956e1c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-cacheable
YES
x-backend
local
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
4705
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 02:44:46 GMT
server
openresty
x-php-version
8.1
etag
"66c8-5c825f82a067f-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
accept-ranges
bytes
38DFA90D-E860-4887-9A6B-42F08C927E57-scaled.jpeg
wicked-game.com/wp-content/uploads/2021/07/
380 KB
381 KB
Image
General
Full URL
https://wicked-game.com/wp-content/uploads/2021/07/38DFA90D-E860-4887-9A6B-42F08C927E57-scaled.jpeg
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
5b7323d6633b022d0e8b03b4526a6677699295ad91a0d9963df9e3d0ef88ca8e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:49 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
local
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
389344
x-xss-protection
1; mode=block
last-modified
Mon, 05 Jul 2021 22:48:05 GMT
server
openresty
x-php-version
8.1
etag
"5f0e0-5c668193ea7ec"
content-type
image/jpeg
x-cache-hit
HIT
accept-ranges
bytes
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd268bbb5766ab62c69d6408624aa3efac4fd0fedd1313533911d1e1252c299c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
H4cgBXaMndbflEq6kyZ1ht6ohYaz.woff2
wicked-game.com/wp-content/fonts/merienda-one/
11 KB
11 KB
Font
General
Full URL
https://wicked-game.com/wp-content/fonts/merienda-one/H4cgBXaMndbflEq6kyZ1ht6ohYaz.woff2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/wp-content/fonts/7e3359fad379ad0a2b5652c7211756cd.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
be62e6a92e8dfb591bf56cfd7a23dc759fa3bf63d5183543ffdd17b2903e64fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wicked-game.com/wp-content/fonts/7e3359fad379ad0a2b5652c7211756cd.css
Origin
https://wicked-game.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:49 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
local
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
11176
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 08:46:32 GMT
server
openresty
x-php-version
8.1
etag
"2ba8-5f3b39a0e51e9"
content-type
font/woff2
access-control-allow-origin
*
x-cache-hit
HIT
accept-ranges
bytes
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
wicked-game.com/wp-content/fonts/quicksand/
25 KB
26 KB
Font
General
Full URL
https://wicked-game.com/wp-content/fonts/quicksand/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/wp-content/fonts/7e3359fad379ad0a2b5652c7211756cd.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wicked-game.com/wp-content/fonts/7e3359fad379ad0a2b5652c7211756cd.css
Origin
https://wicked-game.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:49 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
local
age
93585
x-cache
cached
x-cacheproxy-retries
0/2
content-length
25672
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 08:46:41 GMT
server
openresty
x-php-version
8.1
etag
"6448-5f3b39a96335a"
content-type
font/woff2
access-control-allow-origin
*
x-cache-hit
HIT
accept-ranges
bytes
/
fareharbor.com/embeds/cart/ Frame 8BF3
468 KB
117 KB
Document
General
Full URL
https://fareharbor.com/embeds/cart/?u=017e91b2-9e74-4d20-a3a1-88c391ef1199&from-ssl=yes&g4=no&a=no&back=https://wicked-game.com/
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/api/v1/?autolightframe=yes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.215.146.5 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-146-5.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
de47110623126e095b91fb9bfdee7f1186ff172fa066017db08308972738270e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wicked-game.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-language
de-de
content-security-policy-report-only
form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://ssl.google-analytics.com https://www.google-analytics.com dp58aslhmbcib.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com https://www.gstatic.com dp58aslhmbcib.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dp58aslhmbcib.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 13:55:49 GMT
p3p
CP="This is not a P3P policy."
strict-transport-security
max-age=31536000
vary
Accept-Encoding Cookie
x-amzn-trace-id
Root=1-64b00265-64b56296303e57fe740d92e8
x-content-type-options
nosniff
x-fh-loadbalancer
production-appservers_docker-a-5
x-xss-protection
1; mode=block
admin-ajax.php
wicked-game.com/wp-admin/
1 B
605 B
XHR
General
Full URL
https://wicked-game.com/wp-admin/admin-ajax.php
Requested by
Host: wicked-game.com
URL: https://wicked-game.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.140 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
140.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://wicked-game.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 13 Jul 2023 13:55:50 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff
x-cacheproxy-retries
0/2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-php-version
8.1
server
openresty
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://wicked-game.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-fawn-proc-count
1,0,24
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
output.cefdbc5a7881.css
dp58aslhmbcib.cloudfront.net/static/cache/css/ Frame 8BF3
185 KB
32 KB
Stylesheet
General
Full URL
https://dp58aslhmbcib.cloudfront.net/static/cache/css/output.cefdbc5a7881.css
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/cart/?u=017e91b2-9e74-4d20-a3a1-88c391ef1199&from-ssl=yes&g4=no&a=no&back=https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.127.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-127-137.vie50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
cefdbc5a7881a93f7df33458894f9cc5d32f529217c5307c9284721756a21a0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fareharbor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 11:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 833cf3734f11e96b0710bcbbca86e60a.cloudfront.net (CloudFront)
x-fh-loadbalancer
production-appservers_docker-b-4
x-amz-cf-pop
VIE50-P2
age
871841
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 03 Jul 2023 11:19:05 GMT
server
nginx/1.22.1
etag
"64a2aea9-2e3bb"
vary
Accept-Encoding
content-type
text/css
cache-control
public
x-amz-cf-id
g14eidodFx2m-ly59Z3erXaOQFhH6M1mI-5Nj48wTR1ihQVdmSJy1w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
output.34846959e9a8.css
dp58aslhmbcib.cloudfront.net/static/cache/css/ Frame 8BF3
2 KB
826 B
Stylesheet
General
Full URL
https://dp58aslhmbcib.cloudfront.net/static/cache/css/output.34846959e9a8.css
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/cart/?u=017e91b2-9e74-4d20-a3a1-88c391ef1199&from-ssl=yes&g4=no&a=no&back=https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.127.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-127-137.vie50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
34846959e9a847bbadfeabffaaee9394efbebf1cc4d5045ea1100e28ff19cfb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fareharbor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 24 May 2023 04:55:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 833cf3734f11e96b0710bcbbca86e60a.cloudfront.net (CloudFront)
x-fh-loadbalancer
production-appservers_docker-b-2
x-amz-cf-pop
VIE50-P2
age
4352394
x-cache
Hit from cloudfront
content-length
332
x-xss-protection
1; mode=block
last-modified
Tue, 23 May 2023 11:14:29 GMT
server
nginx/1.22.1
etag
"646ca015-9da"
vary
Accept-Encoding
content-type
text/css
cache-control
public
x-amz-cf-id
CVCQPszG34EPLXfG9f_wyZgP4voAaKIHomcsnuJLm8_l-4VssisE8w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
output.ab0deb229238.js
dp58aslhmbcib.cloudfront.net/static/cache/js/ Frame 8BF3
2 MB
429 KB
Script
General
Full URL
https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.ab0deb229238.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/cart/?u=017e91b2-9e74-4d20-a3a1-88c391ef1199&from-ssl=yes&g4=no&a=no&back=https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.127.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-127-137.vie50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
ab0deb22923881eba7159caccfd1450c2ad4cad437c4fb0641beaed9b45aa196
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fareharbor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 14:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 833cf3734f11e96b0710bcbbca86e60a.cloudfront.net (CloudFront)
x-fh-loadbalancer
production-appservers_docker-b-3
x-amz-cf-pop
VIE50-P2
age
773807
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 04 Jul 2023 14:19:20 GMT
server
nginx/1.22.1
etag
"64a42a68-21400f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
x-amz-cf-id
LvNh74BaGuGdw-Ai6dxqH-fsyOpR1BlDeEd6nfCa4yHe5IX-a9pOTg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ Frame 8BF3
192 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6WXE90X597
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/cart/?u=017e91b2-9e74-4d20-a3a1-88c391ef1199&from-ssl=yes&g4=no&a=no&back=https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c34ad2aed62033b3c8d7793b1f088a4c43679513f5c959a3d4049c30929dc9d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fareharbor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
71921
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Jul 2023 13:55:50 GMT
de.js
fareharbor.com/static/jstranslation/momentjs/ Frame 8BF3
3 KB
1 KB
Script
General
Full URL
https://fareharbor.com/static/jstranslation/momentjs/de.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/cart/?u=017e91b2-9e74-4d20-a3a1-88c391ef1199&from-ssl=yes&g4=no&a=no&back=https://wicked-game.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.215.146.5 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-146-5.us-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
31bb69b3291fe9c0bad2e12129b38ca228d5b1f971e47588aa50a50639c7b450
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fareharbor.com/embeds/cart/?u=017e91b2-9e74-4d20-a3a1-88c391ef1199&from-ssl=yes&g4=no&a=no&back=https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 13 Jul 2023 11:16:17 GMT
server
nginx/1.22.1
x-fh-loadbalancer
production-appservers_docker-a-4
etag
"64afdd01-b11"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
content-length
1039
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
djangojs.js
fareharbor.com/static/jstranslation/de/ Frame 8BF3
165 KB
42 KB
Script
General
Full URL
https://fareharbor.com/static/jstranslation/de/djangojs.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/cart/?u=017e91b2-9e74-4d20-a3a1-88c391ef1199&from-ssl=yes&g4=no&a=no&back=https://wicked-game.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.215.146.5 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-146-5.us-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
46afe4b2a8dc24485ef36821080b13a1418ff3125c165cb78964de54b0334bf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fareharbor.com/embeds/cart/?u=017e91b2-9e74-4d20-a3a1-88c391ef1199&from-ssl=yes&g4=no&a=no&back=https://wicked-game.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 13 Jul 2023 11:16:17 GMT
server
nginx/1.22.1
x-fh-loadbalancer
production-appservers_docker-b-7
etag
"64afdd01-292cf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
output.0b2d5ce9fb0c.js
dp58aslhmbcib.cloudfront.net/static/cache/js/ Frame 8BF3
644 KB
172 KB
Script
General
Full URL
https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.0b2d5ce9fb0c.js
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/cart/?u=017e91b2-9e74-4d20-a3a1-88c391ef1199&from-ssl=yes&g4=no&a=no&back=https://wicked-game.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.127.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-127-137.vie50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
0b2d5ce9fb0cfa50aedf44ce5f2e8e143157a6bed8408c26a48e5721bc29d25f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fareharbor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 14:11:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 833cf3734f11e96b0710bcbbca86e60a.cloudfront.net (CloudFront)
x-fh-loadbalancer
production-appservers_docker-a-5
x-amz-cf-pop
VIE50-P2
age
603845
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 06 Jul 2023 11:10:27 GMT
server
nginx/1.22.1
etag
"64a6a123-a0e2e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public
x-amz-cf-id
GVUYBcW6iKw3kW8o7tSiMG6L-_E6cD9vfxeis5yJ9fez7Kj_CoB1Xw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
o10963.ingest.sentry.io/api/5933789/envelope/ Frame 8BF3
2 B
66 B
Fetch
General
Full URL
https://o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7
Requested by
Host: dp58aslhmbcib.cloudfront.net
URL: https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.ab0deb229238.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://fareharbor.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Jul 2023 13:55:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
fareharbor.com/api/v1/persistence/017e91b2-9e74-4d20-a3a1-88c391ef1199/ Frame 8BF3
24 B
357 B
XHR
General
Full URL
https://fareharbor.com/api/v1/persistence/017e91b2-9e74-4d20-a3a1-88c391ef1199/
Requested by
Host: dp58aslhmbcib.cloudfront.net
URL: https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.ab0deb229238.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.215.146.5 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-146-5.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
665dfdc1859f43c9f0626d980a4efe4647c5a5d42c12020ac8d136e42c1b0fb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-FH-Target-Language
de-de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://fareharbor.com/embeds/cart/?u=017e91b2-9e74-4d20-a3a1-88c391ef1199&from-ssl=yes&g4=no&a=no&back=https://wicked-game.com/
X-Requested-With
XMLHttpRequest
X-CSRFToken
iSjPROwBQa1GTqHKyGZZyp62mI6mJJfbfg5NSeLPjyrwhacl5XClJAouNS5qvNYY
sentry-trace
9a1ed469ae514866a6e823311aeab5b0-a0dd82680a5d4446-0

Response headers

date
Thu, 13 Jul 2023 13:55:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-fh-loadbalancer
production-appservers_docker-a-7
x-amzn-trace-id
Root=1-64b00266-3afe98d7372178a049745073
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
content-type
application/json
p3p
CP="This is not a P3P policy."
content-language
de-de
content-length
24
x-xss-protection
1; mode=block
/
o10963.ingest.sentry.io/api/5933789/envelope/ Frame 8BF3
2 B
66 B
Fetch
General
Full URL
https://o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7
Requested by
Host: dp58aslhmbcib.cloudfront.net
URL: https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.ab0deb229238.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://fareharbor.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Jul 2023 13:55:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
o10963.ingest.sentry.io/api/5933789/envelope/ Frame 8BF3
2 B
302 B
Fetch
General
Full URL
https://o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7
Requested by
Host: dp58aslhmbcib.cloudfront.net
URL: https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.ab0deb229238.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://fareharbor.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Jul 2023 13:55:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery object| gsapVersions object| tpGS object| punchgs object| RSANYID object| RSANYID_sliderID function| tafri_travel_resmenu_open function| tafri_travel_resmenu_close function| tafri_travel_Keyboard_loop number| uidEvent object| bootstrap function| setREVStartSize object| FH object| coblocksTinyswiper function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox boolean| pp_alreadyInitialized function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| EventEmitter object| eventie function| imagesLoaded function| _ function| VcWaypoint function| vcGridStyleAll function| vcGridStyleLoadMore function| VcGridInfinite function| vcGridStyleLazy function| vcGridStylePagination function| vcGridStyleAllMasonry function| vcGridStyleLazyMasonry function| vcGridStyleLoadMoreMasonry function| VcGrid object| vcGridSettings boolean| doresize object| scroll_pos boolean| hashtag

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dp58aslhmbcib.cloudfront.net
fareharbor.com
fh-kit.com
o10963.ingest.sentry.io
wicked-game.com
www.googletagmanager.com
198.71.233.140
2606:4700:3035::ac43:98cd
2a00:1450:4001:80f::2008
3.161.127.137
34.120.195.249
54.215.146.5
072799c158a63f494abfbb8c4a0a7f1322029d531192c34092b88ddfdf693b2d
08f7ede017d0ee9c145f01965819e1ae4233afdf2f474285f2e8ace8175dfdc0
0b2d5ce9fb0cfa50aedf44ce5f2e8e143157a6bed8408c26a48e5721bc29d25f
110856e2afb260af4aa68da01b63f398665fdc2e56419f14d2d01265155ba596
1c3fbf3f4938451bc3b7781f832b7da84c23eec5b979ac7541ec754e67e3b6d2
26884bf155386d37907ad46bedf05580de5df62c414bfc18a52ddf26776b0674
2e9d79f6358d4ea892e1a18387f7479a030f7afe6c0b4f29fb0f563b7a60f718
2f167ae1780938fa19464993733924d0d078d5f5ce7955a596a55c210cb36cc8
31bb69b3291fe9c0bad2e12129b38ca228d5b1f971e47588aa50a50639c7b450
34846959e9a847bbadfeabffaaee9394efbebf1cc4d5045ea1100e28ff19cfb4
357ad057de8ffc0fc9df301dd1873c3d482e926791195ee262da3886269f84d8
3f7af01f4d8414f9dfe9e2dc0f693ad62b3081e7a345aee612114e4c4aebcd2e
401fe8cea729abfb39bb24649e81acf9e178f91f5d6436793bc92376e2956e1c
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46afe4b2a8dc24485ef36821080b13a1418ff3125c165cb78964de54b0334bf6
470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553
49540cd58475ab5d0b972dd46396ecde710c2921f6f820a0b490a18f8ead7a7c
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
527beb6c2c7fb7390156ab5c7e269b74994831e1cae8a54bec16e6165b908fc4
560dcf5c6c4c2fd7353a7525617215c53a51942ccfd3fc1ad484f45c311bd6b8
5b7323d6633b022d0e8b03b4526a6677699295ad91a0d9963df9e3d0ef88ca8e
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60f59e08903c3d0b70e928af542ded081c10a790b6c198c7026788b77f4256ac
665dfdc1859f43c9f0626d980a4efe4647c5a5d42c12020ac8d136e42c1b0fb7
689c9ac02b0a03fd9a206833df33ec989dd5ed79eab24a1802fb281bb9accc26
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
798d62ba5e0d79c78e9ec2ca02c704a640bd8fb0294a5c7e2ee1a4df10311306
8b0b5cb1e9269744db32828efb250e6266fc7c34b5d06cc90aecbe17a39f26d0
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
9015e9cd299c0e607018a64bbed8a1ce177d0dc3effec354ebbbbfe3b6e2e28b
92c3b2ee476ea75e57aab9eb49c099a5d746691eb596ffdf30084dca4658ec95
9556bca5ad5eb24439887d7339fcb687088776bbaa995553aa489c9607cf9e19
95fd5b987e824f233e7a8165ae9ae222923c425c3e121737c6a3ddb12111c1fb
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
996862df1686747b978037477df2c3ec70effb20a7c5fbd9b4db095772d78b2c
9bc0966f793217465b16db209de07f945210caa979834ecafd0d42bccba60a4d
9c197c685d1cfde9e68e198bd0c023f58202efd10e5991a58aeacb01db67f844
a47ff037b0a646f620f8cd07d37740485317af5d6f6732dcf85c8ee124c21d07
a7fc1fbcee236ab01c862a77457b5988e32950a0f191faeac71191a2e4290e72
ab0deb22923881eba7159caccfd1450c2ad4cad437c4fb0641beaed9b45aa196
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b86f3cdcccad303cb5300fab4d2774eafc3a2788f07ff1f3cd1953dd0debaa3f
b99c4a34042b7bca706d57bb324b3e22985e479f18099283829a50a6121e9491
bd268bbb5766ab62c69d6408624aa3efac4fd0fedd1313533911d1e1252c299c
be62e6a92e8dfb591bf56cfd7a23dc759fa3bf63d5183543ffdd17b2903e64fc
c34ad2aed62033b3c8d7793b1f088a4c43679513f5c959a3d4049c30929dc9d8
cefdbc5a7881a93f7df33458894f9cc5d32f529217c5307c9284721756a21a0c
d7b18caf3b7b5aeef33bb6d55782c1ec667d0d878c7c6040e4868932105a6a9e
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de47110623126e095b91fb9bfdee7f1186ff172fa066017db08308972738270e
f1dbbc4be8d88ae17466b1d7a8fd7bf4f9d9b5ab492719cdea721d82cecb738d
fe366990cdfd51c68a4976c4bab83f46ba3063f8df840ba8fd4ec030bf071119